Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat,  1 Oct 2016 16:58:13 -0400 (EDT)
From: cve-assign@...re.org
To: marco.gra@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: imagemagick mogrify global buffer overflow

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://github.com/ImageMagick/ImageMagick/issues/280
> https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
> 
> AddressSanitizer: global-buffer-overflow
> READ of size 4

>> MagickCore/profile.c

Use CVE-2016-7799 for this buffer over-read issue.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX8CJPAAoJEHb/MwWLVhi2P6EQALYfi29fmCoymW+3x38u8m+3
mrC+hPMgq8i729ec/SaUaSqy70Nixu2QoG/5uz8+M4sTuB9eQQpB4Hq1zM4dW4EB
I0J9/wC4nGII32c3lusuN3UZ5tM0jEfiUlYJFIRm95KDaYkH8g9+NNcj2zkO9yLK
I3s/PSilLuEsiHM/CLQDEoY3uXScELKq2RLCVwowl79Gs7fX3JNajH9Q87PS730e
S7IcJmRkwo+VyIWfIA3vu+mVLp+esUuBdvmj1CNMZaNGsqFvdAjUvSGtyOOdNfvD
y0J9n07GUxEl6BEoysBaZa4PEdOUuqTKzy7rfSMC16cxvEiix6LX96Znx9/59k73
0CbjUZOrEMmXyornJszwl0iXcb4lviv2AcpcW9oDO+Ud96MDLlAfwdAqczyk15dS
YIPZ0s8jtAJKP8Tl5oHTtDDU2t2h9iYeZCic1dTWloCzRkYoGEL2pPRdIqmIxrMp
uf+3rCkN0uU4gU1U3p/hUbyiepi5ukHFmAvn9+llQ3Um+8v4Ki/yzOOolAyVl5aQ
FZTlzn/1LLQYlrPsyNeJkCLDOcM1o0tRMYhCwagDF20KuU3J0zM/D+LwpSxchNIC
C7D74ub/3Lw4YfRv+UYK8l0NgfkiFhTuro7AjoB1dKjmmQW/sy8LnG4IOF/PIUFX
T/7CPx8PmTGY5SISkkMn
=v71F
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ