Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Aug 2015 14:31:00 +0530
From: Dis close <disclose@...ersecurityworks.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE Request : Serenity Media Player Buffer Overflow

Hi List:


This issue was disclosed and was acknowledged as public disclosure on
http://openwall.com/lists/oss-security/2015/08/24/2

We request for a CVE on the below mentioned vulnerability.

Below is the detailed information about the exploit code and POC video.

Exploit code and stack trace:
https://github.com/cybersecurityworks/Diclosed/blob/master/Serenity%20audio%20Player%203.2.3%20SEH%20Buffer%20Overflow
<https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fcybersecurityworks%2FDiclosed%2Fblob%2Fmaster%2FSerenity%2520audio%2520Player%25203.2.3%2520SEH%2520Buffer%2520Overflow&sa=D&sntz=1&usg=AFQjCNF6zuK_VDbA7UI72gJoxHFlzV7LpA>


Exploit Video POC
https://youtu.be/ZMC-URZagMg


Note : Vulnerability was discovered by below mentioned person and
organization. Credit for this vulnerability is requested for following :

*Discover Credit:*
*Arjun Basnet from Cyber Security Works Pvt Ltd*


*----*
Thanks in advance

Team CSW

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ