oss-sec mailing list archives

Re: CVE request: libmodplugin stack-buffer overflow

From: Josh Bressers <bressers () redhat com>
Date: Mon, 2 May 2011 15:33:35 -0400 (EDT)



----- Original Message -----

Some details and exploit at:
http://www.exploit-db.com/exploits/17222/

From an initial look, it seems that applications embedding libmodplug,
sp gstreamer-plugins may not be affected, since it seems to be doing
some parameter checking before hand.

Can a CVE be assigned to this please?


Please use CVE-2011-1761

Thanks.

-- 
    JB

Current thread:

CVE request: libmodplugin stack-buffer overflow Huzaifa Sidhpurwala (May 01)
- Re: CVE request: libmodplugin stack-buffer overflow Josh Bressers (May 02)