oss-sec mailing list archives
Re: CVE request: libsndfile 1.0.25 heap overflow
From: cve-assign () mitre org
Date: Tue, 3 Nov 2015 13:52:26 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/ https://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html https://www.exploit-db.com/exploits/38447/ The blog post mentions MITRE was notified but I don't see a CVE anywhere for this issue. Has a CVE been assigned to this flaw yet?
Actually, yes, a CVE was assigned a while ago: CVE-2015-7805. We realize that the www.nemux.org URL says "09 Oct 2015 Mitre.org contacted (no response)"; however, we actually did respond on that day. (The person who wanted a CVE ID wrote to us from two e-mail addresses, one of which did not work for us. The person wrote to us a few weeks ago confirming that they did receive the CVE ID. We will follow up.) - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWOQHDAAoJEL54rhJi8gl57v0QAKvk5hbqh4TEIa59vXyRZPKS Uo9lRR7nfzQvyFz39bA3mXjpFCjgVouNG22gYGsdTSLd7LI6vkM5Sd2MEyHaECo1 6NjlfMDMRsHODW8m0aqdQ3y2stGuq/OHjN4e0JMzFyEaJoA8Eu7+6Ro9W1JNgtiQ z6Zzmko92WCoCzM5cBuI73vewSk9J5INgnESQdNHTcmX1qridbFs3msiONFGk662 b43JNA2P0ZuVV0XZkaNYdbzSM+amv0fzRtULNIZfexs3q5kZrWFag/qavaThzg9w Tqph8mQUCAgZrIBPSWSgF/9rT3YAoIZoaXEbxVZf8hN424dwxlcK0ev2A2mPDNrF flItMzePSSzlRkOAz32EBJhSLBMlEiVVYElfiLR2/OkKPyg2FquU0uM8IUqRR0zR AO1RHpt8RczaxxXPlR/hmVlt/jhkc8mulErEXKLxE8ie+zvRKAlTB/OreU1KZrKP DZ6pLaokp+uTsvLbobbbiUNF6p3EL7pJanHFxQr9AQyjPuJUKKacmwMASCDlB0YQ i1nU5y2Ki0tJU5NsmVMcqpMPObkuEOY2ISsDSGOUObCSLm1X6+pCa0vBUoUK9gtX 0D41ZWr9dM+RPvvIw3M6DTx2OUTY9s7O4J+Zq1TBAug8ady1edgYnA6ejJ+zIxvv pvMRRZ9PmSBDK3RF3TqK =j8S/ -----END PGP SIGNATURE-----
Current thread:
- CVE request: libsndfile 1.0.25 heap overflow Martin Prpic (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow Hanno Böck (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: Re: CVE request: libsndfile 1.0.25 heap overflow gauri (Nov 05)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow Hanno Böck (Nov 03)