Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20101004110743.320a1f76@redhat.com>
Date: Mon, 4 Oct 2010 11:07:43 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE requests: Poppler, Quassel, Pyfribidi,
 Overkill, DocUtils, FireGPG, Wireshark

On Fri, 1 Oct 2010 15:16:48 +0200 Tomas Hoger wrote:

> 2fe825deac Prevents use of random value for PDF object that is not of
> numeric type as expected.  This patch, however, does not seem to guard
> against invalid numeric values, so if some random value used due to an
> incorrect object type can cause crash later, I'd expect malicious
> numeric value to be able to achieve the same.

Oh, I was too focused on the value and missed OBJECT_TYPE_CHECK checks
that cause abort() when object is not numeric.  The impact is limited
to unexpected application termination.

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.