BugTraq
Back to list
|
Post reply
xine-lib NES Sound Format Demuxer Buffer Overflow
Apr 23 2008 07:05PM
laurent gaffie gmail com
(1 replies)
Hi there
Original advisory:
http://milw0rm.com/exploits/5458
There's another stack-based buffer overflow in demux_nfs.c
line 111:
this->copyright = strdup(&header[0x4E]);
line 189:
char copyright[100];
line 208:
sprintf(copyright, "(C) %s", this->copyright);
Regards Laurent Gaffié
[ reply ]
Re: xine-lib NES Sound Format Demuxer Buffer Overflow
Apr 23 2008 10:21PM
Guido Landi (lists keamera org)
Privacy Statement
Copyright 2010, SecurityFocus
Original advisory:
http://milw0rm.com/exploits/5458
There's another stack-based buffer overflow in demux_nfs.c
line 111:
this->copyright = strdup(&header[0x4E]);
line 189:
char copyright[100];
line 208:
sprintf(copyright, "(C) %s", this->copyright);
Regards Laurent Gaffié
[ reply ]