oss-sec mailing list archives
CVE request: XEmacs Multiple Integer Overflows
From: Alex Legler <a3li () gentoo org>
Date: Thu, 16 Jul 2009 09:25:41 +0200
Hi,
I don't think we have a CVE for this/these issue(s) yet, so please
assign one/some:
The {tiff,png,jpeg}_instantiate() functions in glyphs-eimage.c contain
an integer overflow, possibly leading to a heap-based buffer overflow.
References:
Filed upstream as: http://tracker.xemacs.org/XEmacs/its/issue534
http://secunia.com/advisories/35348
http://www.vupen.com/english/advisories/2009/1666
https://bugs.gentoo.org/show_bug.cgi?id=275397
https://bugzilla.redhat.com/show_bug.cgi?id=511994
Thanks,
Alex
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE request: XEmacs Multiple Integer Overflows Alex Legler (Jul 16)
- Re: CVE request: XEmacs Multiple Integer Overflows Thomas Biege (Aug 05)
- Re: CVE request: XEmacs Multiple Integer Overflows Vincent Danen (Aug 05)
- Re: CVE request: XEmacs Multiple Integer Overflows Steven M. Christey (Aug 05)
- Re: CVE request: XEmacs Multiple Integer Overflows Vincent Danen (Aug 05)
- Re: CVE request: XEmacs Multiple Integer Overflows Thomas Biege (Aug 05)