Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 4 Dec 2016 22:16:15 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_definefont-parser-c

> AddressSanitizer: heap-buffer-overflow
> WRITE of size 2

Use CVE-2016-9829.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYRNjVAAoJEHb/MwWLVhi2d0YP+wcOS+S9vSCcY76UvnIOJkAo
vIyF0ZwUuYqNT0iWRgTlBNVVwFylyT45t+NX7kIOrrMh1gZ5OitoeQLv0aTte2nG
fhkcMJGAQLAlq+3zeT+Zb6Gm5KIW2hZjZPrJLfhltMmYq5VQ9JO6mRYitvn4xqeW
nUUy/upc/4fE5LoxnA9PnVwoeV2R3e5huS5FcFQUe2ZvKcYfm5itd8QmSu60t0Jg
gcEH038p71InHVXOEwcGBpfq1lk+uoLJct+Ipj4uEsQQ924pfOml2+P9UQ/KNtKn
deQrCfL3qepypJVrD1BO2I6EEsUkI1csJFqHLKR3V1CVKZ5/oLisl56/+wwletv0
3pnoJ7G6bUb027BgTAn4TJYoFTcDDvyZstOagEqlYi2gpbdjlpgzXd+2IJhe2q4C
v/3/hefJN7OwoGs0outsCexxbFX31TlzhW4IT0XYnx4kPbdXsNiqJCZUWxU+VMWk
qAGSZSdq3Ok1F6mTyuMwTSRw0bbk9u+Hb74s7Q0RyqJWjFqFRmpsC70Qlpj2QzGR
0SCecFC4RMGhDqBqAdCO7phloHqvcFHFcJuzhWxtSHDyLlSaNldy9ucw3a5UdVnQ
op2wZ5J0uPDfys7h+1Ld5pTYazNQiZZPHPDf3YBbJ4+ru45pyIVsjfcZ/XGNejDA
ACXv1ZczHVgTagzYE+c6
=+k3D
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ