oss-sec mailing list archives
CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability
From: Stefan Cornelius <scorneli () redhat com>
Date: Mon, 15 Feb 2016 10:44:58 +0100
Hi, A buffer-overflow vulnerability was discovered in the unhtmlify() function of foomatic-rip. The function did not properly calculate buffer sizes, possibly leading to a heap-based memory corruption. A remote, unauthenticated attacker could exploit this flaw to cause foomatic-rip to crash or possibly execute arbitrary code. This is a rather old bug, which was fixed upstream a long time ago. Fixed in: rev 239 of the HEAD branch and rev 225 of the 4.0.x branch References: Upstream bug: https://bugs.linuxfoundation.org/show_bug.cgi?id=515 RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1218297 Thanks, -- Stefan Cornelius / Red Hat Product Security
Current thread:
- CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability Stefan Cornelius (Feb 15)
- Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability cve-assign (Feb 15)