[libcdio] [CVE-2007-6613] stack-based buffer overflow
Bug #191216 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libcdio (Ubuntu) |
Fix Released
|
Low
|
Emanuele Gentili | ||
Dapper |
Fix Released
|
Low
|
Emanuele Gentili | ||
Edgy |
Fix Released
|
Low
|
Emanuele Gentili | ||
Feisty |
Fix Released
|
Low
|
Emanuele Gentili | ||
Gutsy |
Fix Released
|
Low
|
Emanuele Gentili | ||
Hardy |
Fix Released
|
Low
|
Emanuele Gentili |
Bug Description
References:
MDVSA-2008:037 (http://
Quoting:
"A stack-based buffer overflow was discovered in libcdio that allowed
context-dependent attackers to cause a denial of service (core dump)
and possibly execute arbitrary code via a disk or image file that
contains a long joliet file name.
In addition, a fix for failed UTF-8 conversions that would cause a
segfault on certain ISOs was also fixed."
CVE References
Changed in libcdio: | |
importance: | Undecided → Low |
importance: | High → Low |
importance: | Undecided → Low |
importance: | Undecided → Low |
importance: | Undecided → Low |
Changed in libcdio: | |
status: | In Progress → Fix Released |
status: | In Progress → Fix Released |
To post a comment you must log in.
hardy patched by debian people.