[v2.7] libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:[oss-security] 20140418 Re: libmms heap-based buffer overflow fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM: http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM: http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
(from redmine: issue id 2910, created on 2014-05-20, closed on 2014-05-23)
- Relations:
  - parent #2907 (closed)
- Changesets:
  - Revision fb608dbe by Natanael Copa on 2014-05-21T13:37:40Z:
    main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
    fixes #2910