[SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution

January 15th, 2010 Christer

Package : libthai
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific : no
CVE Id : CVE-2009-4012

Tim Starling discovered that libthai, a set of Thai language support routines, is vulnerable to an integer/heap overflow. This vulnerability could allow an attacker to run arbitrary code by sending a very long string.

For the oldstable distribution (etch), this problem has been fixed in version 0.1.6-1+etch1.

For the stable distribution (lenny), this problem has been fixed in version 0.1.9-4+lenny1.

For the testing distribution (squeeze), and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your libthai package.
