oss-sec mailing list archives
Re: Re: strings / libbfd crasher
From: mancha <mancha1 () zoho com>
Date: Wed, 5 Nov 2014 21:31:11 +0000
On Tue, Nov 04, 2014 at 04:39:09AM -0500, cve-assign () mitre org wrote:
Four of the main factors that affect libbfd CVE assignments are: 1. existence of a "multi-session" use case 2. discussion of exploitability of a specific attack vector 3. likelihood of exploitability of classes of observed behavior 4. actual or expected volume of distinct discoveries We'll try to give an example of each of these.
[SNIP] Very interesting read. Thank you for taking the time to write it up. --mancha
Attachment:
_bin
Description:
Current thread:
- Re: Re: strings / libbfd crasher, (continued)
- Re: Re: strings / libbfd crasher Michal Zalewski (Nov 11)
- Re: Re: strings / libbfd crasher Michal Zalewski (Nov 11)
- Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 15)
- Re: Re: strings / libbfd crasher Michal Zalewski (Nov 15)
- Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 15)
- Re: Re: strings / libbfd crasher mancha (Nov 03)
- Re: Re: strings / libbfd crasher Michal Zalewski (Nov 03)
- Re: Re: strings / libbfd crasher mancha (Nov 03)
- Re: strings / libbfd crasher cve-assign (Nov 04)
- Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 04)
- Re: Re: strings / libbfd crasher mancha (Nov 05)
- Re: Re: strings / libbfd crasher Alexander Cherepanov (Nov 04)
- Re: strings / libbfd crasher cve-assign (Nov 12)
- Re: Re: strings / libbfd crasher Michal Zalewski (Oct 26)
- Re: Re: strings / libbfd crasher Michal Zalewski (Oct 27)
- Re: Re: strings / libbfd crasher Jakub Wilk (Oct 27)