[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] libao memory corruption vulnerability
From: Henri Salo <henri () nerv ! fi>
Date: 2017-07-31 9:22:30
Message-ID: 20170731092230.v6eqj55lsvpnrnz7 () tunkki
[Download RAW message or body]
On Mon, Jul 31, 2017 at 02:26:36PM +0800, qflb.wu wrote:
> libao memory corruption vulnerability
>
> ./mpg321 libao_1.2.0_memory_corruption.mp3
>
> CVE-2017-11548
Did you also test this with the latest version of the library? Issues like
these might not be fixed by backporting in distros. Did you report this to the
upstream?
--
Henri Salo
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic