Bug 810802 - (CVE-2012-2106) CVE-2012-2106 Csound: Integer overflow leading to buffer overflow in pv_import
CVE-2012-2106 Csound: Integer overflow leading to buffer overflow in pv_import
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20120119,repor...
: Security
Depends On: 812721
Blocks: 810821
  Show dependency treegraph
 
Reported: 2012-04-09 04:39 EDT by Huzaifa S. Sidhpurwala
Modified: 2016-01-21 04:50 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-01-20 09:06:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Huzaifa S. Sidhpurwala 2012-04-09 04:39:01 EDT
An integer overflow, leading to a heap-based buffer overflow was found in pv_import utility. If a specially crafted CSV file was opened by the pv_import utility, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running pv_import

Reference:
http://secunia.com/secunia_research/2012-7/

Patch:
http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=blobdiff;f=util/pv_import.c;h=4766dbff22510675a444dd242d432292893949c9;hp=811fccf0a04ec39964710fae509b601fdc330852;hb=7d617a9551fb6c552ba16874b71266fcd90f3a6f;hpb=5fbf93d9f6dc21b9e4e085b26b724ba73c2f1c01

and

http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commitdiff;h=61d1df45ca9a52bab62892a3c3a13c41e6384505#patch3
Comment 1 Huzaifa S. Sidhpurwala 2012-04-16 01:29:52 EDT
Created csound tracking bugs for this issue

Affects: fedora-all [bug 812721]
Comment 2 Kurt Seifried 2012-04-16 15:33:25 EDT
Assigned CVE as per http://www.openwall.com/lists/oss-security/2012/04/16/9
Comment 3 Peter Robinson 2016-01-20 09:06:16 EST
csound 6 is in all current releases (from GA)

Note You need to log in before you can comment on or make changes to this bug.