oss-sec mailing list archives
CVE request: libcdaudio
From: Thomas Biege <thomas () suse de>
Date: Wed, 5 Nov 2008 09:07:23 +0100
Hello,
we need a CVE-ID for a buffer overflow in libcdaudio.
It is a remotely exploitable heap-based buffer overflow.
--- src/cddb.c
+++ src/cddb.c
@@ -1679,7 +1679,7 @@ cddb_read_disc_data(int cd_desc, struct disc_data
*outdata)
free(file);
while(!feof(cddb_data)) {
- fgets(inbuffer, 512, cddb_data);
+ fgets(inbuffer, 256, cddb_data);
cddb_process_line(inbuffer, data);
}
--
Bye,
Thomas
--
Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
Hamming's Motto:
The purpose of computing is insight, not numbers.
-- Richard W. Hamming
Current thread:
- CVE request: libcdaudio Thomas Biege (Nov 04)
- Re: CVE request: libcdaudio Tomas Hoger (Nov 07)
- Re: CVE request: libcdaudio Thomas Biege (Nov 11)
- Re: CVE request: libcdaudio Steven M. Christey (Nov 10)
- Re: CVE request: libcdaudio Tomas Hoger (Nov 11)
- Re: CVE request: libcdaudio Thomas Biege (Nov 11)
- Re: CVE request: libcdaudio Tomas Hoger (Nov 11)
- Re: CVE request: libcdaudio Tomas Hoger (Nov 07)