oss-sec mailing list archives

Re: CVE request: mutt: heap-based buffer overflow in mutt_substrdup()

From: cve-assign () mitre org
Date: Wed, 26 Nov 2014 23:14:17 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125

mutt segfaults when trying to show the attached message. (You might need
to disable header weeding to trigger the crash.)


Use CVE-2014-9116.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUdqNtAAoJEKllVAevmvmscpAH/jk/zrAJ6CLbMJFLajS5yni6
f71G0MEEcxN8cz0uf/POKU/h/Qc9C9icE72y6yJigqdsPiCuR2+FLb3Y1xnXXVRX
2OwWidx1wU7ZKXOr0pB3qVipJHKd2iWVAfFtFu0Bh045GMqikGXUOEaAYeMVrxTk
hPOXUnPhHcWmERU+5t+hMhvrBCJFj22vKFX4pTGJhhAvRVFy89hVsG18Nq8EckzC
at5yxo5s0o/iGZtEv5kIdXGq6aOIdfxBfgV4lFjIYrSgJmiBUxlQdQ7usTJrgV7x
KzYGepBbJ6VuUuninBlhBbllryFlccXyytAtN20r3XKOjm7H7H2BsS8FfPY+c2Q=
=u27J
-----END PGP SIGNATURE-----

Current thread:

CVE request: mutt: heap-based buffer overflow in mutt_substrdup() Murray McAllister (Nov 26)
- Re: CVE request: mutt: heap-based buffer overflow in mutt_substrdup() Murray McAllister (Nov 26)
  - Bug#771125: Info received ([oss-security] CVE request: mutt: heap-based buffer overflow in mutt_substrdup()) Debian Bug Tracking System (Nov 27)
    - CC'ing external lists/bugs (Re: [oss-security] Bug#771125: Info received ([oss-security] CVE request: mutt: heap-based buffer overflow in mutt_substrdup())) Solar Designer (Nov 27)
    - Re: CC'ing external lists/bugs Jakub Wilk (Nov 29)
- Re: CVE request: mutt: heap-based buffer overflow in mutt_substrdup() cve-assign (Nov 26)
- Re: Bug#771125: CVE request: mutt: heap-based buffer overflow in mutt_substrdup() Antonio Radici (Nov 27)