Florian Weimer <[EMAIL PROTECTED]> writes: > Package: zvbi > Tags: security > Severity: grave > > A security bug has been reported in zvbi: > > | Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the > | zvbi-ntsc-cc tool in Zapping VBI Library (ZVBI) before 0.2.25 allows > | attackers to cause a denial of service (application crash) and > | possibly execute arbitrary code via long data during a reception > | error. NOTE: some of these details are obtained from third party > | information. > > <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3121> > > I don't know what zvbi-ntsc-cc does, so this might not be a security > issue after all. Please investigate. Thanks!
What to do with this bug report ? CVE is still a canditate after more than 2 months. Christian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
