OVAL Reference oval:org.opensuse.security:def:20123461

Oval Definition:

oval:org.opensuse.security:def:20123461

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2012-3461
Description:	The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a denial of service (application crash) via a message with the value "?OTR:===.", which triggers a heap-based buffer overflow.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2012-3461 Mitre CVE-2012-3461 SUSE CVE-2012-3461 openSUSE-SU-2012:1525-1 openSUSE-SU-2012:1525-1 openSUSE-SU-2013:0155-1 openSUSE-SU-2013:0155-1 SUSE-SU-2012:1578-1 SUSE-SU-2012:1578-1
Platform(s):	openSUSE 12.1 openSUSE 12.1 Update openSUSE 12.2 Update SLE SDK 10 SP4 for IBM iSeries and IBM pSeries SLE SDK 10 SP4 for IBM zSeries SLE SDK 10 SP4 for IPF SLE SDK 10 SP4 for x86 SLE SDK 10 SP4 for X86-64 SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP4 for x86 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4	Product(s):
Definition Synopsis
sles10-sp4-sdk is installed AND Package Information libotr-devel less than 3.0.0-16.9.1 OR libotr less than 3.0.0-16.9.1
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND libotr2-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libotr-devel-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libotr-devel-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libotr-devel-3.2.0-10.3.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libotr-devel-3.2.0-10.3.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libotr-devel-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libotr-devel-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libotr-devel-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libotr-devel-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP4 is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed AND libotr2-3.2.0-10.3.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed AND libotr2-3.2.0-10.3.1 is installed

BACK