PT-2017-6605 · Gnome · Librest

Vasyl Kaigorodov · Published 2015-11-19 · Updated 2023-02-13 · CVE-2015-2675

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

librest versions prior to 0.7.93

Description

The OAuth implementation in librest incorrectly truncates the pointer returned by the rest_proxy_call_get_url function. Remote attackers can exploit this to cause a denial of service, resulting in an application crash. The attack can be performed by running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.

Recommendations

Update librest to version 0.7.93 or later to resolve the issue.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CESA-2015_2237
CVE-2015-2675
RHSA-2015:2237
RHSA-2015_2237

Affected Products

CentOS
Red Hat
Librest