Date: Wed, 5 Aug 2009 14:59:33 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: coley@...re.org Subject: Re: CVE request: XEmacs Multiple Integer Overflows ====================================================== Name: CVE-2009-2688 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2688 Reference: MISC:http://tracker.xemacs.org/XEmacs/its/issue534 Reference: CONFIRM:https://bugs.gentoo.org/show_bug.cgi?id=275397 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=511994 Reference: BID:35473 Reference: URL:http://www.securityfocus.com/bid/35473 Reference: OSVDB:55298 Reference: URL:http://osvdb.org/55298 Reference: SECUNIA:35348 Reference: URL:http://secunia.com/advisories/35348 Reference: VUPEN:ADV-2009-1666 Reference: URL:http://www.vupen.com/english/advisories/2009/1666 Reference: XF:xemacs-jpeg-bo(51334) Reference: URL:http://xforce.iss.net/xforce/xfdb/51334 Reference: XF:xemacs-png-bo(51333) Reference: URL:http://xforce.iss.net/xforce/xfdb/51333 Reference: XF:xemacs-tiff-bo(51332) Reference: URL:http://xforce.iss.net/xforce/xfdb/51332 Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.