Date: Mon, 4 Oct 2010 15:11:23 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark

----- "Tomas Hoger" <thoger@...hat.com> wrote:

According to Tomas, only the first three things need IDs:

>
> e853106b58 is uninitialized pointer use flaw. Pointer value may be
> controlled by PDF content, hence if pointed to attacker-controlled
> memory, code execution may be possible via virtual method call. This
> should date back to very old xpdf versions.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf

Use CVE-2010-3702

>
> bf2055088a seems similar to the above one. Pointer is to the class that
> has no virtual methods, but may be used to corrupt memory. This should
> only affect poppler versions after b1d4efb082.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f

Use CVE-2010-3703

>
> 39d140bfc0 array indexing error / underflow. On platforms where atoi can
> return negative result, this can allow out-of-array-bounds write. Code
> appears in old xpdf versions too.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473

Use CVE-2010-3704

Thanks.

-- 
    JB
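
An added illustration of the array indexing issue described in the third item above (not part of the original message and not code from Poppler or xpdf): an index parsed from untrusted text is validated against both bounds before it is used for a write. The names `TABLE_SIZE`, `index_ok_upper_only`, `parse_index` and `store_entry` and the table size are assumptions made for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define TABLE_SIZE 256  /* assumed table size, chosen for this example */

/* Weak pattern: only the upper bound is checked, so a negative index
 * (for instance from an out-of-range atoi() result, which the C standard
 * leaves undefined) is accepted and later used to write before the array. */
static int index_ok_upper_only(int idx) {
    return idx < TABLE_SIZE;
}

/* Strict parse: returns 0 and stores the index only if the text is a
 * complete decimal number inside [0, TABLE_SIZE). */
static int parse_index(const char *text, int *out) {
    char *end;
    long v;

    errno = 0;
    v = strtol(text, &end, 10);
    if (end == text || *end != '\0') return -1;  /* no digits or trailing junk */
    if (errno == ERANGE) return -1;              /* does not fit in long */
    if (v < 0 || v >= TABLE_SIZE) return -1;     /* both bounds checked */
    *out = (int)v;
    return 0;
}

/* Writes name into table[idx] only after the index has been validated. */
static int store_entry(const char **table, const char *idx_text, const char *name) {
    int idx;
    if (parse_index(idx_text, &idx) != 0) return -1;
    table[idx] = name;
    return 0;
}

int main(void) {
    const char *table[TABLE_SIZE] = {0};
    /* Constructed sample inputs. */
    const char *samples[] = {"65", "-1", "256", "4294967295", "12x"};
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %s\n", samples[i],
               store_entry(table, samples[i], "name") == 0 ? "stored" : "rejected");
    printf("upper-bound-only check accepts -1: %d\n", index_ok_upper_only(-1));
    return 0;
}
```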