Re: CVE request: XEmacs Multiple Integer Overflows

[Vincent Danen <vdanen () redhat com>]

* [2009-08-05 13:53:50 +0200] Thomas Biege wrote:

> Hello,
> was a CVE-ID allocated for this issue in the meanwhile?

I don't believe so.  We've not seen one, at any rate.

> On Thu, Jul 16, 2009 at 09:25:41AM +0200, Alex Legler wrote:
> > Hi,
> >
> > I don't think we have a CVE for this/these issue(s) yet, so please
> > assign one/some:
> >
> > The {tiff,png,jpeg}_instantiate() functions in glyphs-eimage.c contain
> > an integer overflow, possibly leading to a heap-based buffer overflow.
> >
> > References:
> > Filed upstream as: http://tracker.xemacs.org/XEmacs/its/issue534
> >
> > http://secunia.com/advisories/35348
> > http://www.vupen.com/english/advisories/2009/1666
> > https://bugs.gentoo.org/show_bug.cgi?id=275397
> > https://bugzilla.redhat.com/show_bug.cgi?id=511994

--
Vincent Danen / Red Hat Security Response Team