Date: Thu, 2 Jun 2016 12:18:14 -0400 (EDT) From: cve-assign@...re.org To: gustavo.grieco@...il.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request: DoS in phantomjs 2.1.1 rasterizing websites -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > A denegation of service vulnerability was found in phantomjs when it > is processing a particular svg file. This crash caused by a null > pointer dereference can be easily used by a malicious website to > avoid rasterizing when it is crawled using phantomjs 2.1.1. Previous > versions like 1.9.x are not affected. A reproducer is available here: > > https://github.com/ariya/phantomjs/issues/14244 Please provide more information about the threat model. Do you mean that a single PhantomJS process is commonly used to access a series of independently operated web sites, and the operator of any one web site could disrupt this use case by placing the crafted SVG file on their site? Or, do you mean that the only known impact is that one web-site operator could prevent PhantomJS access (e.g., screenshotting) of their own web site by using the crafted SVG file -- in other words, the crash would not realistically disrupt any use of PhantomJS by the same client to access other web sites? Is ongoing use of PhantomJS disrupted only in the http://phantomjs.org/api/webserver/ case? In other words, any one web-site operator could crash the web server within PhantomJS, and there would be an outage until the web server within PhantomJS is manually restarted? - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXUFvYAAoJEHb/MwWLVhi2qSAP/ieu7bSO3I9bPOqkc5+5YkI3 /rjZASGY/nV5BCoDv0F7uv3AAKQYd+EzKoa9Nu6soOo2LCnhE4TdFL9VhdJQcSLk UwGcx+Iqk/s44igsWML2GnTOsSldxzLHKP9a1IDYj+lU+kZ07yYXytUlx1bbKJNZ w2nzT2+sn4V0pHkRMx0a8YkugzTJzD2MGkYxDsLUh0aTDvbA/U53S20obYe7wJjq xwinllQRW8cE/Rf0yglxbJpBeV3/dsdOcKC/lnNYbvGMDYWe3t8DIpqVdDXM7nlg NfqfDU7pl9q31FpEmxnSzTi7MmnWimgQbxAT/Jpi59sGIx0+XE9KqNdwPpj4YQYT FCUujyJBNNdU0+yLHi5NHb6fsT65Wq3AaTK/10220siLAfFfNU11bT/nIUv572Aa j81M04BwotyzuQE76MRrXZKswncHyYJZPY5LCvr4KfBntwBfxwJx/xxdSPOtQA59 mkV1gvVBbL+ANJUZOPuiRNTi95UCTi4z9CEfNgIONCMxtLIvCJZ65QGDGvL+kV8o ko8+W5/7FWR2j53AhxGYICoiXlLc/v3OVektEx5LwFxp6Mc6IFqhbsnIy6m+p8NU JQVoDfj1NLy+oRzh+7aysYFOUxqAMU20fQLReZNfBmvjRz9DPiYnsZcmd8igYP6K 4QzOCYC0rF1y6PbhjAd0 =2USQ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.