Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP
From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 01 Feb 2012 18:30:00 +0100

On mer., 2012-02-01 at 13:53 +0100, Berke Viktor wrote:
Hello,

Here are my notes:

- Apparently only Windows versions are affected, no Linux ones. I 
haven't tested Maemo but I'd be suprised if it would crash.
- Not all non-BMP characters crash, only a specific range. See the
patch 
you linked for details. 

It did crash Maemo clients, that's where the report came from.
-- 
Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]