[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE id request: nasm off-by-one
From: "Steven M. Christey" <coley () linus ! mitre ! org>
Date: 2008-06-16 22:06:18
Message-ID: Pine.GSO.4.51.0806161806091.16840 () faron ! mitre ! org
[Download RAW message or body]
======================================================
Name: CVE-2008-2719
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2719
Reference: CONFIRM:http://repo.or.cz/w/nasm.git?a=commit;h=76ec8e73db16f4cf1453a142d03bcc74d528f72f
Reference: CONFIRM:https://sourceforge.net/tracker/?func=detail&atid=106208&aid=1942146&group_id=6208
Reference: MLIST:[oss-security] 20080611 CVE id request: nasm off-by-one
Reference: URL:http://www.openwall.com/lists/oss-security/2008/06/11/4
Reference: FRSIRT:ADV-2008-1811
Reference: URL:http://www.frsirt.com/english/advisories/2008/1811
Off-by-one error in the ppscan function (preproc.c) in Netwide
Assembler (NASM) 2.02 allows context-dependent attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a
crafted file that triggers a stack-based buffer overflow.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic