Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 10 Dec 2012 13:59:52 -0500 (EST)
From: cve-assign@...re.org
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE-2012-6303 WaveSurfer and Snack Sound Toolkit buffer overflows

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We have assigned CVE-2012-6303 to these multiple buffer overflows in
WaveSurfer and Snack Sound Toolkit:

Disclosures:    http://www.exploit-db.com/exploits/19772/
                http://secunia.com/advisories/49889/
Product source: http://www.speech.kth.se/snack/
                http://wavesurfer.svn.sourceforge.net/viewvc/wavesurfer/trunk/wavesurfer/
                (The www.speech.kth.se site refers to "Snack v2.2.10
                 released December 01 Bug fix release" but this is
                 apparently about December 01 2004 -- not about a 2012
                 release.)

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)

iQEcBAEBAgAGBQJQxi9YAAoJEGvefgSNfHMdrCcH/jKtUz094PCrTXbrtpNhih4j
zi1zyqdybNMAdmcGGZYs/5pgBym8a1avhRxsSfDsnSC6/1F/bKgw9LzHOprFT9bt
wn/TleyhHY+5sDcatxLUtwsLsoHCuQPOW4qe2EPXZu22zWOOwrS+ZX0rSE6iGHF2
2K0my22Dx49ARL/uUIvtCS0B5C8f3EM3NnMg6bNgLQXgmD1FuAqD2WgQ2iIvdcx/
9JH6xeEOBfA7AsNPIwHWQaIK3KTUEWxOr6Gp9L321TzBIUVsxjrEFgwGD7cRPvNk
JoAIUOqITXRcocKCsoz9TdwXK2mkFWrW5Dt6ieTAH8itAlDQBHZsE4Fs0WD8Sac=
=B8hW
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ