Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 25 Oct 2016 01:29:09 -0400 (EDT)
From: cve-assign@...re.org
To: ago@...too.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: libwmf: memory allocation failure in wmf_malloc (api.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> AddressSanitizer failed to allocate 0xfe769000 bytes of LargeMmapAllocator

> 0x7f7173b4d337 in wmf_malloc ... libwmf-0.2.8.4/src/api.c:482
> 0x7f7173b5d2f8 in wmf_scan ... libwmf-0.2.8.4/src/player.c:143
> 0x7f7173d6dcf7 in ReadWMFImage ... ImageMagick-7.0.3-0/coders/wmf.c:2675:13

Use CVE-2016-9011.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYDu1AAAoJEHb/MwWLVhi2VPwP/20e47SxBDB94G3os2r/E/rD
Us+bIZe+GEusNpuUoKn+Ykh9Y9/OBgUxkSacTLhETbWwInWSZcwv5Tntl/+SYQPU
e623sugwiN9TrlAAPnBstCD6lx0CndQar4mkdVrvdHqLxnGXz34D/vfdseIKpmLK
fMnAMpD3mLDF2BuwVqPdqVgoDV7ieD9rSZ8JWIJFsJIHm1qxtjMoAOKcyddBtYo9
kJa+LEtQGJebL8Dh5r8nEsimINscI17h803D5//U8o57BOLpleztKKDk4wVGKNJe
7L92xplVIGQ2a84SnjCcOPPAc2p4gSz1C3CQjDKTh3kmnuFzLB/VVOIgzwLtpeBN
oF6LUK5WLx36/V9RW4Yrk7ilFudIFzW+kg/1cE4P4+zE/LItwPSGF4y5PfvLsEQB
2deI2cV+pIzNBLIUOtx4M+4d0+vjzXW+NmrVUCKmdoBAKtvXi1OBmDjN/NN8U1A5
dBugmmfZ95Yzw2Yv96UVQ7YNxzUjjQxcP2I6ufKAOa99oKm/mWUAsb2p8bgrnNZ6
kUPMfUyKrVmrgkxUSHaT5AldPm9K/JYCsiyuoU7HDCE/HSKHUKYypUK5hwEMK4xV
N3XK4Ex1wVb3drCRwXniVMpwrpGyPxSNg3T5okHmmHDn01Q600GunzzJorRDkNIV
MO66uFXEbfDaT3Gz2hd2
=Xe0u
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.