Remotely triggerable crash

John Bailey rekkanoryo at
Fri Sep 17 18:29:37 EDT 2010

On 09/17/2010 06:18 PM, Daniel Atallah wrote:
> Do we need a CVE for this?

Since we know the Yahoo issue, at least, is a definite remote crasher, yes, we
do.  Since all the potential remote issues share the same root cause, we can
request a single blanket CVE, something along the lines of "Insufficient return
value checking leads to remotely triggerable denial of service" that indicates
the same problem exists in multiple locations.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the security mailing list