|
|
CVE Reference: CVE-2007-3962 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3962 |
|
|
Description: Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name directory (dirent) field in the fsp_readdir function. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA26184 Secunia Advisory: SA26378 Secunia Advisory: SA27501 OSVDB 38569 38570 MISC http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.21&r2=1.22 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.17&r2=1.18 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:018 GENTOO http://security.gentoo.org/glsa/glsa-200711-01.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=188252 http://fsp.cvs.sourceforge.net/fsp/fsplib/ChangeLog?revision=1.17&view=markup BID 25034 |
|
| Return to the previous page. |
