Date: Mon, 4 Oct 2010 15:11:23 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE requests: Poppler, Quassel, Pyfribidi,
 Overkill, DocUtils, FireGPG, Wireshark

----- "Tomas Hoger" <thoger@...hat.com> wrote:

According to Tomas, only the first three things need IDs:


> 
> e853106b58 is an uninitialized pointer use flaw.  Pointer value may be
> controlled by PDF content, hence if pointed to attacker-controlled
> memory, code execution may be possible via virtual method call.  This
> should date back to very old xpdf versions.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf

Use CVE-2010-3702

> 
> bf2055088a seems similar to the above one.  Pointer is to the class that
> has no virtual methods, but may be used to corrupt memory.  This should
> only affect poppler versions after b1d4efb082.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f

Use CVE-2010-3703

> 
> 39d140bfc0 array indexing error / underflow.  On platforms where atoi can
> return a negative result, this can allow out-of-array-bounds write.  Code
> appears in old xpdf versions too.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473

Use CVE-2010-3704

Thanks.

-- 
    JB
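
The third flaw above (an index obtained with atoi() that may be negative and is then used for an array write) shown as an added C example; it is not part of the original message and is not poppler or xpdf code. The 256-entry table and every function name are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>

#define TABLE_SIZE 256   /* assumed table size, for illustration only */

/* Hypothetical table filled from untrusted, document-supplied text. */
static const char *table[TABLE_SIZE];

/* Flawed pattern: only the upper bound is tested, so a negative value
 * from atoi() passes.  Returns 1 if the index would be accepted and
 * deliberately performs no write. */
int weak_check_accepts(const char *text)
{
    int idx = atoi(text);
    return idx < TABLE_SIZE;
}

/* Hardened form: strict decimal parse with strtol(), both bounds
 * checked before the write.  Returns 0 on success, -1 on rejection. */
int set_entry(const char *text, const char *value)
{
    char *end;
    long idx;

    errno = 0;
    idx = strtol(text, &end, 10);
    if (end == text || *end != '\0' || errno == ERANGE)
        return -1;                  /* empty, trailing junk or overflow */
    if (idx < 0 || idx >= TABLE_SIZE)
        return -1;                  /* outside the table */
    table[idx] = value;
    return 0;
}

/* Bounds-checked read, used to confirm what was stored. */
const char *get_entry(long idx)
{
    return (idx >= 0 && idx < TABLE_SIZE) ? table[idx] : NULL;
}

int main(void)
{
    /* Constructed inputs: only "65" is a valid index. */
    const char *samples[] = { "65", "-1", "256", "12abc", "" };
    int accepted = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        accepted += (set_entry(samples[i], "glyph") == 0);
    return accepted == 1 ? 0 : 1;
}
```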
