Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun,  2 Oct 2016 11:45:41 -0400 (EDT)
From: cve-assign@...re.org
To: marco.gra@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: imagemagick mogrify use after free

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://github.com/ImageMagick/ImageMagick/issues/281
> https://github.com/ImageMagick/ImageMagick/commit/d63a3c5729df59f183e9e110d5d8385d17caaad0

>> AddressSanitizer: heap-use-after-free
>> READ of size 4

>> magick/attribute.c

Use CVE-2016-7906.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX8SsRAAoJEHb/MwWLVhi2lOoP/3hkMq06zT1dP90mnGALwTqX
nwKllShGOAfGlGdtJi7LiE+CeSfgXcyMOc666VG26dQb19Aj6moFemWIEZ4GVC5v
WNNGrSVRJvZAlW1LEN1tVwenv4kuevJI5KhoPRWXmUYkbsxdRwKS8pkPKyoYvs5v
c5ttxtdooyvRky2YvRReJ6Qgci0A61D3w8j47qC7yMcI3LJhX0us9WbWTnaLG7x8
ZF+DqtLBUcAgc08RTw1nUUDqxVNeGLAwnu8Ak+f5GQCudd9g570wXjL0UPznLOnC
Wz4fAFfU5NSayq3S/GiileILeDTHJ79ObkOiC9WIjltoRn8iercvs/6tXpvMAWFo
J2WlfitHrepRrK3R517kpnxSTmJyYU6pEu1DtA10DjHo0KFYOLy0+D/N6r8IufNj
mNCKPgtJO6JdNsHrhNBC/dYxkB/3QiGOWayF3dK/MxhD8irfr7gR2w5q2PfTAn+/
dJ4MLvZl+nMPh6Hb7gtIWHHVmryJtoVCwSJIEO3JpNvVnViyGw9iRhRutdDL5rbK
0JEz/2wJ0eDXJ9J/fI+K1Z/Dcc9rgXBeTuAdirkuJWnAd/6ngChoJYHKd0lAIFzT
tyP+64xEg+XYbG7Cj3MrXrQjaDJdGW/b9uW5rwqgqduWEXvUQS91O/r3CERu6cLu
7dpxAcUqkCcF0KlNm7HU
=C5KK
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ