Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Apr 2017 08:47:13 +0000
From: rudykewang(王永科) <rudykewang@...cent.com>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE Request: Interger overflow vulnerability in
 ptp_unpack_EOS_CustomFuncEx function of  libmtp (version 1.1.12 and below)

Hi,
    I find an interger overflow vulnerability in ptp-pack.c(ptp_unpack_EOS_CustomFuncEx function) of  libmtp (version 1.1.12 and below) and have reported it to http://libmtp.sourceforge.net.<http://libmtp.sourceforge.net./>
    The fix is here: https://sourceforge.net/p/libmtp/mailman/message/35735992/
    Could you assign a CVE number for this? This is Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com).

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ