oss-sec mailing list archives
Re: CVE Request -- HTMLDOC
From: Alex Legler <a3li () gentoo org>
Date: Sun, 26 Jul 2009 09:24:30 +0200
On Sa, 2009-07-25 at 15:31 +0200, Nico Golde wrote:
Did you check: htmllib.cxx: if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2) ps-pdf.cxx: if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2) as well? Looks like a similar issue to me.
Indeed it is the same issue. I could cause an overflow with a crafted AFM font file. I have added these two to the upstream bug report. Regards, Alex
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE Request -- HTMLDOC Jan Lieskovsky (Jul 18)
- Re: CVE Request -- HTMLDOC Nico Golde (Jul 25)
- Re: CVE Request -- HTMLDOC Alex Legler (Jul 26)
- Re: CVE Request -- HTMLDOC Alex Legler (Sep 01)
- Re: CVE Request -- HTMLDOC Steven M. Christey (Sep 02)
- Re: CVE Request -- HTMLDOC Nico Golde (Jul 25)