Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <081AF1E16E81CF4EB0B01F4D39B2D2A14B4EBFF8@EXMBX-TJ008.tencent.com>
Date: Thu, 6 Apr 2017 08:47:13 +0000
From: rudykewang(王永科) <rudykewang@...cent.com>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE Request: Interger overflow vulnerability in
 ptp_unpack_EOS_CustomFuncEx function of  libmtp (version 1.1.12 and below)

Hi,
    I find an interger overflow vulnerability in ptp-pack.c(ptp_unpack_EOS_CustomFuncEx function) of  libmtp (version 1.1.12 and below) and have reported it to http://libmtp.sourceforge.net.<http://libmtp.sourceforge.net./>
    The fix is here: https://sourceforge.net/p/libmtp/mailman/message/35735992/
    Could you assign a CVE number for this? This is Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com).

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.