FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libsoup -- stack based buffer overflow

Affected packages
libsoup < 2.52.2_1

Details

VuXML ID 8e7bbddd-8338-11e7-867f-b499baebfeaf
Discovery 2017-08-17
Entry 2017-08-17
Modified 2017-08-20

Tobias Mueller reports:

libsoup is susceptible to a stack based buffer overflow attack when using chunked encoding. Regardless of libsoup being used as a server or client.

References

CVE Name CVE-2017-2885
URL http://seclists.org/oss-sec/2017/q3/304