Buffer Overflow Vulnerability in OpenSAML Affecting Internet2 Shibboleth Service Provider
CVE-2009-3476

Currently unrated

Key Information:

Vendor

Internet2

Status
Shibboleth-sp
Opensaml
Vendor
CVE Published:
29 September 2009

What is CVE-2009-3476?

A buffer overflow vulnerability exists in OpenSAML prior to version 1.1.3 and XMLTooling prior to version 1.2.2, as integrated into Internet2 Shibboleth Service Provider versions 1.3.x preceding 1.3.4 and 2.x preceding 2.2.1. This flaw enables remote attackers to potentially cause a denial of service and, under certain conditions, execute arbitrary code by supplying a malformed encoded URL.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/36870
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/36514
vdb-entryx_refsource_BID
http://secunia.com/advisories/36869
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.