From: Dom Lachowicz (domlachowicz@yahoo.com)
Date: Sun Dec 29 2002 - 11:35:27 EST
David Endler <DEndler@iDefense.com> found an exploit
in wv with respect to how it handles date and time
fields. Via a little malicious hacking and ingenuity,
one can cause a buffer overrun because a bit of code
uses strcat. Using this, one can get wvHtml and
possibly other things that use this function to
execute arbitrary bytecode. I have committed what I
believe is an adequate workaround for the problem at
hand. Bonsai has the relevant files and lines changed.
Alternate suggestions and solutions welcomed,
especially in cvs diff -u format.
Dom
CVS:
----------------------------------------------------------------------
CVS: Enter Log. Lines beginning with `CVS:' are
removed automatically
CVS:
CVS: Committing in .
CVS:
CVS: Modified Files:
CVS: field.c
CVS:
----------------------------------------------------------------------
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
This archive was generated by hypermail 2.1.4 : Sun Dec 29 2002 - 11:38:39 EST