Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 May 2010 10:18:59 -0500
From: Jamie Strandboge <>
Subject: CVE Request: off by one DoS in pe_icons.c

Though the bug report and patch have very little details, our clamav
maintainer confirmed with upstream that the following commit fixes a DoS
via off by one error. It only affects 0.96 (code not present in earlier
versions). A quick look at the code and patch suggests an out of bounds
access on the dynamically allocated *imagedata array.;a=commit;h=7f0e3bbf77382d9782e0189bf80f5f59a95779b3

Jamie Strandboge             |

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ