|
Message-Id: <20151028133258.10C9E6C0252@smtpvmsrv1.mitre.org> Date: Wed, 28 Oct 2015 09:32:58 -0400 (EDT) From: cve-assign@...re.org To: scorneli@...hat.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > https://bugzilla.redhat.com/show_bug.cgi?id=1257058 > https://bugzilla.redhat.com/show_bug.cgi?id=1257962 > https://bugzilla.redhat.com/attachment.cgi?id=1086465 > > we found that the first parameter "ctxt->myDoc" is a xmlDocPtr, but it > will be teated as a xmlNodePtr. Obviously, xmlDoc and xmlNode have > different structure. This is why "xmlDocPtr->children->parent->ns" get > a invalid value(0xffffffff), this value comes from > xmlDoc->compression. Use CVE-2015-7995. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWMM4nAAoJEL54rhJi8gl56jgP/jH24rdlvYqdDtbzqoi8+Asm 3PyBgEJIrEOM0GH2t1C6FtE0KtDDbuVjnisZAcZ9sKAljXJ4PJKt0gwU3bN71BB9 r+OGwONCdDkdJNduiYHUoUGfMo/01W6Wel5XG2E9q1pRVAzKtyjx/y+5hB7xoDZ5 z7zMcTzvaiFiaYliy2jhXGCqhqKZf1lArMw9cM8svjXJZaEXmH8BVKBuY/vZcvKv VW5sR0HeOl1IzSkU+ZQFgs9sCuEsH45vLnJlMtq4k0scQ0dPkTUf0MhL7hn0TBCH xjYS8JfVXYGf/4yBqL8fg9tmOi7T2pLFlLE0xVRzPMsR9ch5E0V/0VxM8jkUdtfs jHuc4XydiAb6biqI8N3/AY0nM8dBBIgZu2UDzid+clMCvA8LABkO2GXZ4R2PRpQF kMf4yXbLdcfGlGaMkgVP7An2CBJy858ozXJqlIK6K8FVzlcnz7MhbWC95r156zpI IDseAeg1TFuzreOi8sBDJ9qdvSOR8o4aOrTKqd6SmhHPOkZ5pEgqANtjkfdq4cVk Ir75375Kgq2N22R8j48FPthdTVpXzKStLN1i/LgnpIwDMyvHCDB46n2hIIcVOVnm 8yr7djvteU/K+y12lCuopqyKiXgM9m4Xlx+I7GLnrcRYzp+0XzwrkrYG5ZwAxFE5 YNJ6E1DCWMTJk7WvaOuL =KCgJ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.