On Fri, Dec 15, 2017 at 05:28:45AM -0500, Stiepan wrote:
> Nice job! By the way, when is back-porting of the fix to the current
> stable version(s) envisioned? (I doubt most oss OS distributions use
> the "HEAD of the VLC master branch", nor that most Windows or Mac
> users use the latest bleeding-
About
=
A type conversion vulnerability exist in the MP4 demux module in VLC
<=2.2.8. This issue has been assigned CVE-2017-17670 and it could be
used to cause an arbitrary free.
Details
===
MP4 is a container format for video, audio, subtitles and images. The
various parts of an .mp4
sue in the underlying bzip2
library[3].
Footnotes
_
[1] [https://secure.php.net/manual/en/function.bzread.php]
[2] [https://github.com/dyntopia/exploits/tree/master/CVE-2016-5399]
[3] [https://bugs.php.net/bug.php?id=72613]
--
Hans Jerry Illikainen
___
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
}
| ?>
`
Solution
This issue has been fixed in php 7.0.6.
Footnotes
_
[1] [https://github.com/dyntopia/exploits/tree/master/CVE-2016-3078]
--
Hans Jerry Illikainen
___
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
has been fixed in git HEAD [4].
Footnotes
_
[1] [http://libgd.org/]
[2] [https://en.wikipedia.org/wiki/Libgd]
[3] [https://github.com/dyntopia/exploits/tree/master/CVE-2016-3074]
[4]
[https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19]
--
Hans Jerry
ff,
| 0x00, 0x02, 0x11, 0xff,
| 0x00, 0x02, 0x00, 0xff,
|
| /*
| * absolute mode (0x00, 0x03..0xff) followed by the value that's
| * bmp_fread_fn() to *crt_row
| */
| 0x00, 0xff, 0x44, 0x33, 0x22, 0x11
| };
`
Solution
This issue has been ass
1,
|
| /* tif->tif_nextdiroff */
| 0x00, 0x00, 0x00, 0x00,
|
| /* bits per sample */
| 0x08, 0x00,
| 0x08, 0x00,
| 0x08, 0x00,
| };
`
This issue has been assigned CVE-2015-7554 and it has yet to be fixed.
--
Hans Jerry Illikainen
ge.Width */
| 0x01, 0x00, /* GifFile->Image.Height */
| 0x00, /* BitsPerPixel = (this & 0x07) + 1 */
|
| /* DGifSetupDecompress() */
| 0x00, /* CodeSize */
|
| /* end of image data */
| 0x00,
|
| /* end of gif */
| 0x3b
| };
`
Solut
0, 0x00, 0x00, /* x coordinate of blue endpoint */
| 0x00, 0x00, 0x00, 0x00, /* y coordinate of blue endpoint */
| 0x00, 0x00, 0x00, 0x00, /* z coordinate of blue endpoint */
| 0x00, 0x00, 0x00, 0x00, /* gamma red coordinate scale value */
| 0x00, 0x00, 0x00, 0x00, /* gamma green coordinate scale value */
| 0x00, 0x00, 0x00, 0x00, /* gamma blue coordinate scale value */
| 0xff, 0xff, 0xff, 0x00 /* bmp->colour_table[0] */
| };
`
Solution
Both vulnerabilities are fixed in git HEAD[2].
Footnotes
_
[1] [http://www.netsurf-browser.org/projects/libnsbmp/]
[2] [http://source.netsurf-browser.org/libnsbmp.git/]
Hans Jerry Illikainen
___
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
/* flags */
| 0x0c, /* code size */
| 0x0d, /* block_size */
|
| /* image data */
| 0x10, 0xcb,
| 0x41, 0xf3,
| 0xf3, 0xf3,
| 0xf3, 0xf3,
| 0xf3, 0xf3,
| 0xf3, 0xf3,
| 0xf3,
|
| /* end of image data */
| 0x00,
|
| /* end o
10 matches
Mail list logo