Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Aug 2015 13:02:28 -0400 (EDT)
From: cve-assign@...re.org
To: disclose@...ersecurityworks.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request : Serenity Media Player Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://github.com/cybersecurityworks/Diclosed/blob/master/Serenity%20audio%20Player%203.2.3%20SEH%20Buffer%20Overflow

> SEH Local buffer overflow in Serenity Audio Player 3.2.3 (earlier known as Malx Media Player)

> BUG_TITLE:Exploitable - Privileged Instruction Violation starting at image00400000+0x0000000000000055 (Hash=0x5e212578.0x3a4f4f12)
> EXPLANATION:A privileged instruction exception indicates that the attacker controls execution flow.

http://malsmith.kyabram.biz/serenity/serenity-3.2.3-src.zip
src/plgui.c
MplayInputFile

CHAR szTemp[MAX_PATH];
_ftscanf(fp, _T("%h[^\n]%*hc"), szTemp)

Are your exploit and the exploit referenced from
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4097 both about
this one vulnerable _ftscanf call? If so, then the same CVE ID of
CVE-2009-4097 is applicable to both exploits.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIbBAEBCAAGBQJV3fB0AAoJEL54rhJi8gl5BCcP90nDaLz5Aw1s/pvBxB/KVZqa
nhN+JuVY/8SR+K3qCP1XT6365UzV0+i4A9QQXVS8PS6Dn8j9Q7Y1Cq2m/K5HiehW
ghAMtul96DRS2Ti1OkgM1dmmO9RPv5eMzKiC2MbLIvWziyeg5W/y9SlAP95aZiqN
WV9Ii4HjrZV9LIWRL3sOEXSlCJ7Ez2lPWaosItuamScU9ZHOskmn+hl7xNzFvCyn
hqTCIPT2KQ9DSh00TGyalx5Qwu38j0XzsKkA+6B8g+VsRCq4yJpitF0L4MCBOQHr
f2jgKw9OktUN/de3Qx0dzg3X00jkcrM7RrDNGW83Gb2FDa9TZLVh+Dio0znTre6K
AyfIhtPDAXQnx5NsXcSsRh/1VLOuP1eRvGzWnnd5LeVODNCJ+nJNGiHQ3FQNOzJj
mBuGI17mFRCNlYsatpTpMGoSlxHdJPOr7rFZNX0Y7TG1N+GZUb6DVrfsprTCHNle
Pq+seeT5xwrXo4CI57KVvXC11KCHU87f2ldtVjspO50lzyRASzUJhEsHsZ35CbX7
Uc6ZksJls9vs3TvHx8cw6e3iPeThMLCsBx7pcXcbHbFXz4eNCPa2VPkV1Bfa8nKx
gtXXq6b0pvyK+2mvhLy7wQM0JmVP+Cwjim/3VHcM8F5SOfbRMwcA2vGAAnp5/tMR
5oBhIuKDZ2obycQoZ+E=
=8zwy
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.