Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: libao memory corruption vulnerability

From: Henri Salo <henri () nerv fi>
Date: Mon, 31 Jul 2017 12:22:30 +0300
On Mon, Jul 31, 2017 at 02:26:36PM +0800, qflb.wu wrote:

libao memory corruption vulnerability

./mpg321 libao_1.2.0_memory_corruption.mp3

CVE-2017-11548


Did you also test this with the latest version of the library? Issues like
these might not be fixed by backporting in distros. Did you report this to the
upstream?

-- 
Henri Salo

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: