'[oss-security] CVE assignment php NULL pointer dereference - CVE-2011-3182'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE assignment php NULL pointer dereference - CVE-2011-3182
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-08-22 18:39:32
Message-ID: 1231476421.212930.1314038372136.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

This message was sent to the full-disclosure mailing list:
http://marc.info/?l=full-disclosure&m=131373057621672&w=2

From what I can tell, this is a plausible problem. The advisory doesn't
show any specific places where this could be exploited, but there are quite
a few unchecked calls to malloc(). Rather than go through them all, I'm
assigning the ID CVE-2011-3182 to be safe.

Thanks.

-- 
    JB
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic