Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 11 Aug 2010 12:37:27 +0200
From: Jan Lieskovsky <>
To: "Steven M. Christey" <>
CC: oss-security <>,
        Caolan McNamara <>,
        David Tardon <>,
        Malte Timmermann <>
Subject: CVE Request -- [two ids]: 1, integer truncation error
 2, short integer overflow

Hi Steve, vendors,

   two security flaws have been reported against's Impress tool:

A, an integer truncation error, leading to heap-based buffer overflow when
    processing dictionary property items of the input *.ppt file:


B, a short integer overflow, leading to heap-based buffer overflow, when processing
    *.ppt document with too big polygons


Could you allocate CVE ids for these two issues?

Thanks && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ