Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Aug 2015 14:31:00 +0530
From: Dis close <disclose@...ersecurityworks.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE Request : Serenity Media Player Buffer Overflow

Hi List:


This issue was disclosed and was acknowledged as public disclosure on
http://openwall.com/lists/oss-security/2015/08/24/2

We request for a CVE on the below mentioned vulnerability.

Below is the detailed information about the exploit code and POC video.

Exploit code and stack trace:
https://github.com/cybersecurityworks/Diclosed/blob/master/Serenity%20audio%20Player%203.2.3%20SEH%20Buffer%20Overflow
<https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fcybersecurityworks%2FDiclosed%2Fblob%2Fmaster%2FSerenity%2520audio%2520Player%25203.2.3%2520SEH%2520Buffer%2520Overflow&sa=D&sntz=1&usg=AFQjCNF6zuK_VDbA7UI72gJoxHFlzV7LpA>


Exploit Video POC
https://youtu.be/ZMC-URZagMg


Note : Vulnerability was discovered by below mentioned person and
organization. Credit for this vulnerability is requested for following :

*Discover Credit:*
*Arjun Basnet from Cyber Security Works Pvt Ltd*


*----*
Thanks in advance

Team CSW

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.