ZDI-CAN-338: libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
Josh Bressers
bressers at redhat.com
Fri Jun 27 10:01:39 EDT 2008
On 26 June 2008, Josh Bressers wrote:
> On 26 June 2008, "Mark Doliner" wrote:
> > On Thu, 26 Jun 2008 13:51:30 -0400, Josh Bressers wrote
> > >
> > > I'll see about CVE ids hopefully later today. I've been terribly bogged
> > > down with other things and I've not found time for this yet. Sorry.
> >
> > That would be great.
> >
>
> OK, I took a look at things, and the way I see it we have at least three
> things (three CVE ids).
>
> * XML memory leak
> * UPnP arbitrary file download (maybe not a flaw)
> * msn integer overflow
>
It looks like the MSN issue is public now:
http://marc.info/?l=bugtraq&m=121449329530282&w=4
Does anyone know the impact of this issue? Can any random MSN user trigger
this flaw? If so that's obviously not good.
Thanks.
--
JB
More information about the Packagers
mailing list