oss-sec mailing list archives

Re: CVE request: use-after-free in libunity-webapps

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 29 Oct 2012 12:14:30 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/28/2012 09:37 AM, Chris Coulson wrote:

Hi,

libunity-webapps provides functionality shared between browser
addons that are available for Firefox and Chromium. A
use-after-free bug was found in libunity-webapps which could
potentially be exploited to crash the users browser or run
arbitrary code.

Reference:

https://launchpad.net/bugs/1068495

Could you please allocate a CVE for this?

Thanks, Chris


Please use CVE-2012-4551 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQjseGAAoJEBYNRVNeJnmTlCQP/1pToxUTlJrFOQtcX7IUTiqp
hob1GFoPJqhJkIK5vi6At1IGaiR6KhcTPywRP/2JCkwou03N+7yVXuCzN2mZEz5D
ponCurDUmHJOHetzvoWRf3LvZKMv/hwUE3nzLgzrw0n7PeRTqhHOHxCfqjPQMolM
qr+AMpRmHtkV2ljA84FNT+GiwnakoFpE+DjmmoTNiQj0fTa3gdVHqDKRnBG4k4s3
hg7jcMCzKzShw0NQpgGvSEC42RrDmrgeTkxeZngKkhvy/wfaNhwasffSI6YFBFAO
ehnF7x/1FsN1PzhnWjETEqHr0DiiWNsOKK/LeoSVGTQRki4NK7srZyKLd2MPzt+D
cZIK4uPpq9I6JM+yUXxhvHcL3cqZWGQc08CxI/WfeORNFcyZyikr9OQdB6HjshE2
SaJn0pY7MhPOb/x4rPInIwCw97bBuHstug3ojfri/jLjMRUNRKll0+EWYVminqzI
PZ8WIU1ttktlC82EcRtPTggRsEOQS6GNYC3oVBh1WJBz8l3WzndqZUnxQ7plvxNP
n6IHchAicI7S6K4xROgZJIt8Vdc44sGM09MGMLzYmpo5yKo60IPSVf4LSfKP8aJc
uxv0EAPAqNK4ieHa6jTCaJD1YeKcHQ1S3ZgkVNOW59P5EiaWaAmizwP/VFSyPo6r
3df3NFGiV62QpR0gwR5g
=UJTz
-----END PGP SIGNATURE-----

Current thread:

CVE request: use-after-free in libunity-webapps Chris Coulson (Oct 28)
- Re: CVE request: use-after-free in libunity-webapps Kurt Seifried (Oct 29)