oss-sec mailing list archives
Re: CVE Request: imview
From: Sang Kil Cha <sangkilc () cmu edu>
Date: Wed, 6 Feb 2013 14:22:02 -0500
One can associate the program with ics file, but maybe it is not likely. Thank you for your help anyway. Best, -Sang Kil On Wed, Feb 6, 2013 at 1:38 PM, Kurt Seifried <kseifried () redhat com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/2013 02:59 PM, Sang Kil Cha wrote:It reads in .ics file (iCalendar). Typical scenario would be to share your schedule by sending the ics file to your friends. So someone can open a malicious calendar file from imview, and then crash. -Sang KilIs it loaded automatically somehow (e.g. ics file association?). It seems like causing this program to crash won't cause any harm (e.g. no lost data/etc. like you get when crashing a web browser/email client/server). Right now I'm leaning towards not assigning a CVE as it appears there is no real security related impact. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJREqMLAAoJEBYNRVNeJnmTwJgP+wVa+pIGBe/FerHCOAuFasLv m7jtS3epo021F/bpwYHCmAJjS89mx6uoU9XgUUeBOQQqN4W3BawqD4kRgLvQ9P7B BczWYmNmwWs/z7Ws+GBtK7ymt2fDfprRe7I3HYLCnV4M54LHzVCugn5RIZlmhcaq j+YkSdayV/+Rfx1ZR95EU1okAwiJ4Is6/QL/GGLQPiAZUMJWKb8gmHUThUPcWsbr 9so1bzN1Sidqst2FdsZtC88Cx+GGlIoIzU4h85Fo4Yu2ah4lXqeLUFUF8KHkf0HG qfQ3zvM2gRe9/6YKWZroqEA0oXYjuBMuJPqag/pmqB9cGN+t9F9TsYXAmdXY5vfd kSiVx2vXlvgLxyZrys784Tb2dfv8YCX8JTyV4BHMs0be6VuL/RcFPgJwhkpWAIYM dtGsBR5BG/+cKKHScIoeihroR6Po9t3ESdTdSNAWi/W/pE3yzN6yQNGjXwrAxcvW abw/rNZFB/KjWOEIRLgCrFMXeAfCoaOpih9jd3FVf6kP+mpGXn5MoTdQpsSb49e1 dXZyvbB3LyqC45zYhpZUnQgKhQ9aGgSvR7rCk6pLbtnjC5NtCJ3N4S3BYRMm6/XR C+ocy+HptomqtwSRFFkb+ktJmOr+CbAwZkh3WZvtNXrXf+nJLDCPNXSzIh1m7IVb e/4mxG4elhoBEdWxbef1 =TfWR -----END PGP SIGNATURE-----
Current thread:
- CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 05)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 06)
- Re: CVE Request: imview Sang Kil Cha (Feb 06)
- Re: CVE Request: imview gremlin (Feb 07)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 05)