oss-sec mailing list archives
Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read
From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Mon, 7 Nov 2016 15:29:37 -0300
Hopefully, CVE-2016-9109 should be fixed in this commit: http://git.ghostscript.com/?p=mujs.git;h=a0ceaf5050faf419401fe1b83acfa950ec8a8a89 2016-10-30 16:49 GMT-03:00 <cve-assign () mitre org>:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256Despite CVE-2016-7563 looks fixed in the mujs bug tracker, it was not properly patched: http://bugs.ghostscript.com/show_bug.cgi?id=697136#c4AddressSanitizer: heap-buffer-overflow READ of size 1Use CVE-2016-9109 for the issue of an incomplete fix for CVE-2016-7563. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYFkuiAAoJEHb/MwWLVhi2RYQP/RUxITs9d7YwygKvsonPO6KY G0w5aAZSoJQq5SuQHFpU5B6CBfMfGB4iSWTrdLhu71hSBHlFMoca8Q4Rlirnnefh mrK2dUlB4ZeY9iAu/WAsi7svdMhbsaNWD4FchYdm8PTBP10Q0pHCilPAmJI4/fev vZIeSeHl0KcYD104MtYD2ek6bOUm56Dxuf2nBTRfVJNBZa/q1FRS62cg+Nkwo4Hx sfvepzy26nE0PzCFn1GcPu3H0SuWe1nkgfSwgZjFSDAg+OwueJLAFnm/Y+xloUWv lD3WiHU1cESxY4SyH3UgUa2QgNTI0zauLxLzcwLOYMF2rh8UlACG2DqOckgI9Bkk GYetbtkGbnZOmwBTEFPdKfFISEo5dBBPRWTxFXnepCnwjU/Gl1gLt07s4/90UM/7 +w+kXl0boDt7W7PUYxyn6lkYUbT6Irodxvk1QDe5LcI5eyU8+QN2yNW1t8sp7qAi 578PKtcezerFo0L9WHSvNcV3+CM9mO00LdI6ZxCEy8qmc5s5yrnbtIElaNdJfOek 1riKd3yPvz3T/2EGbpVXE/9gkpz4My37e+bhhkBhzScp6pcM6tOcycBvSzM1LKls HNh0uzMpzadWQA474KQsCoXAZ+M3N1ViBmUs0KUCGs9NAqxjYV/pKtONiKUqTHbJ 4cNzu7H/SxrQp0e6nt3h =vKjs -----END PGP SIGNATURE-----
Current thread:
- Re: Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read Gustavo Grieco (Oct 30)
- Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read cve-assign (Oct 30)
- Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read Gustavo Grieco (Nov 07)
- Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read cve-assign (Oct 30)