oss-sec mailing list archives
Re: CVE request - integer overflow and crash parsing regex in mujs
From: <cve-assign () mitre org>
Date: Sun, 30 Oct 2016 15:48:27 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
an integer overflow somewhere affecting function js_regcomp (line 843 in regexp.c) in mujs
Argument 'size' of function malloc has a fishy (possibly negative) value: -5152
js_regcomp (in /home/g/Work/Code/mujs/build/mujs)
Invalid write of size 2
Use CVE-2016-9108. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYFkudAAoJEHb/MwWLVhi2RBgP/RF0bMlb+4D26ZDZ2QWwajjj 3QerG0bwV1cKaE+emQXe2T0fMeeSNm0B8+SSkLEtbfFSFnQhJgP3cn2xoYOdl0+j J72oJMrTay+NRMiSyCoHQ0lXy2K3z1BhvXDTMDCrRtov4curUVQ8Zk35rNDr+DGP tUpumfoguit3TrcrlQT19AiKUUJYiXBgD7k6CsGVdZ2ReY3Bi3MwhyHfZ+cNvx71 hwxAwtvYIU+h/+kUX0fjLQ5w8VadUr4pwYtQNvo6x52QiOFyw5iw2JsJX7q0K72X bteIFYG8byQqMJXyYzLwxN4FpWzEW7uPusRjE7I0X62y0rl/RV0AdpFL5+QBLYdC 5bIDcVbRpcjoQimDk6nP3iVTvaetOvyJHDQxv2UP13pkwW1Y1t4rlI45F/8FVsUz jILRhjiW1ITLew+zCmQtirdAsh+pkPRlZCdWKzDdlY/Pxeb0Nqp3kyIZ0kQSpogr xjNpJJV9ss7aXjzwYSDR3R9U/91QnPqJ2wagxds6AsnZB6zKG6V01edmgKpMTYue vmIFeSY/nul7xAUMl0BYrLoJkwag+aitbQ5FVjU1UaO442W9iraM8Sp5afecXjWD kU2CHD7BPP41K1e6Cw/HI2HfNBkhJVdz96SaNq4jA3uwtjkuWaeZ1HnqTxX5yE5V niwZyF8JncAPwN2NX7CQ =GE43 -----END PGP SIGNATURE-----
Current thread:
- CVE request - integer overflow and crash parsing regex in mujs Gustavo Grieco (Oct 30)
- Re: CVE request - integer overflow and crash parsing regex in mujs cve-assign (Oct 30)