Florian Weimer <[EMAIL PROTECTED]> writes:

> * Christian Marillat:
>
>>> | Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the
>>> | zvbi-ntsc-cc tool in Zapping VBI Library (ZVBI) before 0.2.25 allows
>>> | attackers to cause a denial of service (application crash) and
>>> | possibly execute arbitrary code via long data during a reception
>>> | error. NOTE: some of these details are obtained from third party
>>> | information.
>>>
>>> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3121>
>>>
>>> I don't know what zvbi-ntsc-cc does, so this might not be a security
>>> issue after all.  Please investigate.  Thanks!
>>
>> What to do with this bug report ? CVE is still a canditate after more
>> than 2 months.
>
> This doesn't mean anything, as I tried to explain in my June 16
> message:

CVE expert are not able to decide if this "vulnerability" is one or not ?

Christian


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to