Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 4 Dec 2016 22:19:29 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-parseswf_rgba-parser-c

> AddressSanitizer: heap-buffer-overflow
> WRITE of size 1

Use CVE-2016-9831.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYRNjhAAoJEHb/MwWLVhi2dhUQALeGIrOTW5OKs4VJBWqDtrQD
NfNa39M/wFkBbw840ipCJ3X2QCcUjfHrYFTRxewTYDLGKsZ47vMVMviAJ0dKEkeY
cNx6H3RoAj23YcEtDW8kNGru2Yzt/Kn5edMzSJ+AX9vBiS3vn03gA9GRP6nCyqmL
dnyt0pLeORVTx5S8X21fzgVEwOJVOJ7cJdQwDluGq6AHlUb71tCUqKkaXFUEhKDr
yKBryzrMTfdOhqtAZ+yhzWm2nhhXUN1si86CX7XfSKoHDWm+bJnqgUWo+Yfa28EZ
FcMHLTl1rZX1883N98wMgPiZWi4Jbqcx/He6Q2bc2tOMh/QIIPUSV9E8V64R1fxI
3LKb2V/0NU54QcY3UCXwoPGsufxFf0Nixl3vW0oXVdlpvBz2sw576Zd/yQ1KUOm1
LqqpjTOoArB4w6CVn8ScfM2AxguTvslZxASGpfDg/oErjm9pZKYHrg8F+qM101cD
cHJEGddHsdVLLowSQO+378pLqD20fhrx2ZZf41bKiea0fQ9SOOAVy0oVhO3gjlUH
E5vzkPH6YmzHCU4tLtmacon42OWDGPONS8aNrF2/aKLmsZ0J7lSMDpgYjU4g8jhj
UOL5nhT+Ikj5ghMsRgmD5JzZ8VJtTGnQtnT2vpIp1H10P+jC6xxUbDx/G/Ij/r/t
V2VmydnzAYmtT/E/Nrhn
=GVTw
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ