oss-sec mailing list archives
Re: libmms heap-based buffer overflow fix
From: cve-assign () mitre org
Date: Fri, 18 Apr 2014 15:17:43 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
It seems libmms has fixed a buffer overflow in a recent 0.6.4 version with the following commit. http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8 This may be triggered via an overly long line of a MMSH (MMS over HTTP) server response, effectively overflowing the buffer which has a static size (defined as BUF_SIZE
src/mmsh.c Fix a possible heap memory overrun in get_answer().
Use CVE-2014-2892. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTUXoSAAoJEKllVAevmvmss0gH/0vYli0OTHfn5+VRZ1jCCrTB gHiUolfzOBtGGahIBycVR5Su4CTnoyy7/UgzU4xADoqD7cnVFyXN81oCvVg/ZVga BkuUG3mDFfzVqWvqapBqWvG2U5dQyr4+mObhUexu0L+qUgYbdBXbbTtYFBgmHZKT mlnRzxcQUzvK3lwtF5oPNgtBIhCsXIfSxmuFyQXVRLDUAJpnggTigE1khT7MAE54 IxJvx5/t+FfxJ5d3Fe6UZPj1+TtOKRTj2KFZ09E90svsoFzFYg97qODvYEvhx3l4 n/a3CkE0YDl70Ap+D+jd2bX8bbIKn+SOoWcBVNVrqrsYMFnv+ExN6SQRDlcXlDE= =ImP2 -----END PGP SIGNATURE-----
Current thread:
- libmms heap-based buffer overflow fix Źmicier Januszkiewicz (Apr 16)
- Re: libmms heap-based buffer overflow fix cve-assign (Apr 18)