| Bug ID | 1141435 |
|---|---|
| Summary | VUL-1: CVE-2019-1010011: abcm2ps: stack-based buffer overflow in functions get_key (parse.c) and delayed_output (music.c) |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 15.1 |
| Hardware | Other |
| URL | https://smash.suse.de/issue/237128/ |
| OS | Other |
| Status | NEW |
| Severity | Minor |
| Priority | P5 - None |
| Component | Other |
| Assignee | mvetter@suse.com |
| Reporter | abergmann@suse.com |
| QA Contact | security-team@suse.de |
| Found By | Security Response Team |
| Blocker | --- |
CVE-2019-1010011 moinejf abcm2ps 8.13.16 and after is affected by: CWE-121: Stack-based Buffer Overflow. The impact is: This vulnerability allows remote attackers to cause a denial of service via a crafted file. The component is: parse.c / function: get_key and music.c/ function: delayed_output. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010011 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010011 https://drive.google.com/drive/folders/1xiVrcB1lTE_mSd_mL7akjpscH4CUahYU?usp=sharing https://drive.google.com/drive/folders/1nAL-B_I5Y7SKX0AeIurGkTzNHMazoyzP?usp=sharing