nion at alioth.debian.org
2008-Dec-07 15:59 UTC
[Secure-testing-commits] r10652 - data/CVE
Author: nion Date: 2008-12-07 15:59:45 +0000 (Sun, 07 Dec 2008) New Revision: 10652 Modified: data/CVE/list Log: CVE-2008-5238 fixed in xine-lib 1.1.14-3, some additional comments added Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-07 14:39:40 UTC (rev 10651) +++ data/CVE/list 2008-12-07 15:59:45 UTC (rev 10652) @@ -275,7 +275,10 @@ CVE-2008-5239 (xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not ...) TODO: check CVE-2008-5238 (Integer overflow in the real_parse_mdpr function in demux_real.c in ...) - TODO: check + - xine-lib 1.1.14-3 (low) + NOTE: code execution shouldn''t work here as if 0xff will be extended to 0xffffffff + NOTE: memcpy fails for copying from the complete addressable address space long before any code is executed + NOTE: the malloc check for type_specific_data is missing, minor issue filed as #508065 CVE-2008-5237 (Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and ...) TODO: check CVE-2008-5236 (Multiple heap-based buffer overflows in xine-lib 1.1.12, and other ...)
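Review bot: In the first added NOTE under CVE-2008-5238, "shouldn''t" carries a doubled apostrophe and the clause "as if 0xff will be extended to 0xffffffff" does not parse, so the reasoning behind the (low) urgency is hard to follow. Suggest rewording it to say which value is extended to 0xffffffff and why that rules out code execution. The second NOTE implies the remaining impact is a failing memcpy; stating that outright would make the justification for (low) explicit. The third NOTE records a missing malloc check for type_specific_data filed as #508065 while the entry marks the issue fixed in 1.1.14-3, so a word on whether #508065 is tracked separately from this CVE would keep the entry from reading as only partially fixed.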