[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE request: pngcrush-1.3.35 through 1.7.88 segfault when run with "-loco" option
From: Glenn Randers-Pehrson <glennrp () gmail ! com>
Date: 2015-12-31 21:35:49
Message-ID: CA+PdXctz7Cw884CLQ_i7_079uR_yO-74dDjSNav2hDa2P9E7oA () mail ! gmail ! com
[Download RAW message or body]
On Thu, Dec 31, 2015 at 3:33 PM, <cve-assign@mitre.org> wrote:
>
> Our understanding is that pngcrush is a command-line program, and that
> the bug is largely equivalent to a scenario in which the "-loco"
> functionality had not been implemented.
>
There are web services that compress PNG files, using pngcrush
as their compression engine. I haven't found any that allow users
to specify the "-loco" option, though.
> We probably would need a threat model in which the victim cannot
> recover from the attack by simply avoiding all subsequent use of the
> "-loco" option, e.g., a segfault that realistically could lead to code
> execution.
>
OK, I'm withdrawing the request for a CVE number.
Glenn
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic