oss-sec mailing list archives

CVE-request: plow buffer overflow vulnerability

From: Henri Salo <henri () nerv fi>
Date: Wed, 11 Jul 2012 15:32:57 +0300

Can you assign 2012 CVE-identifier for plow buffer overflow issue reported in here: 
http://seclists.org/bugtraq/2012/Jul/22

After discussion with Pereira I checked several versions of the code and affected code is at least in versions 0.0.1, 
0.0.2. Sorry but I was unable to find proper version control commits. Version 0.0.1 is still suggested at least in 
sourceforge page http://sourceforge.net/projects/plow.berlios/

I am unable to compile this software in my Debian stable or unstable system so I can't verify these using the PoC.

- Henri Salo

Current thread:

CVE-request: plow buffer overflow vulnerability Henri Salo (Jul 11)
- Re: CVE-request: plow buffer overflow vulnerability Kurt Seifried (Jul 11)