oss-sec mailing list archives
CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow
From: Andres Gomez <agomez () fluidsignal com>
Date: Mon, 29 Oct 2012 10:12:22 -0500
Hi, Could a CVE be assigned to this issue? Name: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Software: PLIB 1.8.5 Software link: http://plib.sourceforge.net/ Vulnerability Type: Stack Based Buffer overflow References: http://www.exploit-db.com/exploits/21831/ http://www.securityfocus.com/bid/55839 Vulnerability Details: Plib is prone to stack based Buffer overflow in the error function in ssg/ssgParser.cxx when it loads 3d model files as X (Direct x), ASC, ASE, ATG, and OFF, if a very long error message is passed to the function, in line 68: // Output an error void _ssgParser::error( const char *format, ... ) { char msgbuff[ 255 ]; va_list argp; char* msgptr = msgbuff; if (linenum) { msgptr += sprintf ( msgptr,"%s, line %d: ", path, linenum ); } va_start( argp, format ); 68 vsprintf( msgptr, format, argp ); va_end( argp ); ulSetError ( UL_WARNING, "%s", msgbuff ) ; } Thanks, Andres Gomez. -- -- AVISO DE CONFIDENCIALIDAD: Esta transmisión se entiende para uso del destinatario o la entidad a la que va dirigida y puede contener información confidencial o protegida por la ley. Si el lector de este mensaje no fuera el destinatario, considérese por este medio informado que la retención, difusión, o copia de este correo electrónico está estrictamente prohibida. Si recibe este mensaje por error, por favor notifique inmediatamente al emisor y destruya el original. Gracias -- CONFIDENTIALITY NOTICE: This transmission is intended for the use of the individual or entity to which it is addressed, and it may contain information that is confidential or privileged under law. If the reader of this message is not the intended recipient, you are hereby notified that retention, dissemination, distribution or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please notify the sender immediately and destroy the original. Thank you.
Current thread:
- CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andres Gomez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Kurt Seifried (Oct 29)
- <Possible follow-ups>
- CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andrés Gómez Ramírez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Kurt Seifried (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Vincent Danen (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Andrés Gómez Ramírez (Oct 29)
- Re: CVE Request: PLIB 1.8.5 ssg/ssgParser.cxx Buffer Overflow Vincent Danen (Oct 31)