oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: MUJS null pointer dereference and Heap buffer overflow write

From: <cve-assign () mitre org>
Date: Thu, 12 Jan 2017 21:42:49 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


1. Null pointer dereference in regexp.c

    The return value from malloc is not properly checked before
dereferencing it which can result in a crash.

https://bugs.ghostscript.com/show_bug.cgi?id=697381
http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73156496e569


Use CVE-2016-10132 for all of
fd003eceda531e13fbdd1aeb6e9c73156496e569.



2. Heap buffer overflow write in jsrun.c: js_stackoverflow()

    There was a logical error in the code which can be used to trigger a
heap overflow write.

https://bugs.ghostscript.com/show_bug.cgi?id=697401
http://git.ghostscript.com/?p=mujs.git;a=commit;h=77ab465f1c394bb77f00966cd950650f3f53cb24


Use CVE-2016-10133.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYeD4KAAoJEHb/MwWLVhi2tNQP+gO/jAYeCK8O03qGyZW4HR9K
LeI+GjI0nU1ZD6VY5ynAl+4bXTGSNjpL7sh6nPdI3RKtEFpCpiQBlfiUfAB93Cae
YlINFDpjEH24fFSlmVrIGoisR3SodhuUjOqwTkhtw9SnxbnkpXtJzyJnwLgjic6f
c0BsAAirhQ0WiEMG0XJPgbdhNixH8xj5JP8iEbB3nGAiIkQb5CjCW74iuXNsZjOW
ZcYM67PyEGs1CoXYlaWMYSLZSHu5U6eAqQ7oE8HYZQgBMEpCKgkhH54ex0otWk9Y
Xt/8RIzY3WR10kQa7aisGydnfz0eAcRR91KOsSr3wcZ23Tihvg+O+kuMA+VjChG1
UnB2mroYPlFEEghSY8kqECWQ0nvGnKDZ4RvsEZzaMBms4K/4thDtnfBo3TVVJvAl
otYqNIeIMelKOi8Fev4bipAJmGn3JNbaTgOeBSp+TgetI+wCZmBsUZoVn9nxD/Dt
A3XgmZBguPRTrMUl1TYys0Vl8iIHZdn/NJiplKy3utFmGuTeL5vwVg5tN4b6zqvY
5Em05T0+o+vL8H0/qV9oGLKeEUvrj2sGVZe6UcWvc8Q3BLmeKcXLt+9f+0wUIxf3
35d5soiyf1OCaxBx5C3vXFabVMeK1vA4xQ/mDaAVoDd8TgXz1vZx69xIVqPTg/g0
Df8IDTbCR7C260PXUsv6
=g88C
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: