Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <547615CE.4000008@mozilla.com>
Date: Wed, 26 Nov 2014 10:02:54 -0800
From: Daniel Veditz <dveditz@...illa.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: firefox: integer overflow

On 11/24/2014 6:19 AM, Vasyl Kaigorodov wrote:
> And integer overflow was discovered in Firefox when processing a
> crafted webm files [1].
> Upstream commits are in [1] as well.
> 
> [1]: https://bugzilla.mozilla.org/show_bug.cgi?id=1090405
> 
> Can a CVE be assigned to this issue please?

Mozilla does not believe this is an exploitable security issue.

-Dan Veditz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.