oss-sec mailing list archives
Re: CVE Request: imview
From: Sang Kil Cha <sangkilc () cmu edu>
Date: Tue, 5 Feb 2013 16:59:41 -0500
It reads in .ics file (iCalendar). Typical scenario would be to share your schedule by sending the ics file to your friends. So someone can open a malicious calendar file from imview, and then crash. -Sang Kil On Tue, Feb 5, 2013 at 4:44 PM, Kurt Seifried <kseifried () redhat com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/2013 12:23 PM, Sang Kil Cha wrote:Hi, I am requesting a CVE for " http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699820". Thanks, Sang KilHow do you get the crashing input to imview? does it get used in web browsers or email clients to load images automatically or something? - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJREX0gAAoJEBYNRVNeJnmT4CoP/RJbC/ri3ZQkHyYCSzsiWdSz mybDB3J7NRpMeqVcOWK0M65EYmImV9VhH+pjDvDzuFCncpzWQqGFsRg4fWnD3CpU 85JOl1bXmcsOqWyzev0ulariGpf/zgvKsA3iigEA+DlVy7amCTs9vRdnh+b7vyEg X49iEJ7uy5nGZ+SOMYzA5pDcCY4gpDvA/JWlqCoMmI2WDG/t7+Uph0t5yco0bg8v 4UsFskUgZnLWMN9nNmdvJX0/1Bhlz5UXpNgf22Ie+3erH5196IuhbFmCy6AG8FtA u8FRg4dB0mMeVJlsVg768uFygVSP1+W/vSHtkaTznuttLSA78lamhou9bgRiLNh0 76nzcFxcp9IRph4BV31sh4Vic9BmYplCEzmYac0tTHrpFVrV7gI+DEdrtcDhUkIP RFYXJeM+0ZaOWIWjWItxY4MGIRDLLofVjyMeiWZAE+2TCUysL38d6YXahj4WKVaf XjviwS4p1dP/f9VHRQveTuQxCsnNQORPT76h9Vn4t5f/v66UxbqlF6c1hMUmblcy BrKdJEUvQmBHK0Yw2YeVGFJ5FUT+GFP7cH3gsmV9tvMGQyD9RYBPp5aZUpopTbSK Twouuh3UEB4/wI2uvU/QHC5wNAGXWsoC9UUIi8pRat2cdBvNR16jDBjRuuPO2vtP PLk4ZkV4mZ5li5WvPG6B =2eMT -----END PGP SIGNATURE-----
Current thread:
- CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 05)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 06)
- Re: CVE Request: imview Sang Kil Cha (Feb 06)
- Re: CVE Request: imview gremlin (Feb 07)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 05)