Florian Weimer <[EMAIL PROTECTED]> writes: > * Christian Marillat: > >>> | Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the >>> | zvbi-ntsc-cc tool in Zapping VBI Library (ZVBI) before 0.2.25 allows >>> | attackers to cause a denial of service (application crash) and >>> | possibly execute arbitrary code via long data during a reception >>> | error. NOTE: some of these details are obtained from third party >>> | information. >>> >>> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3121> >>> >>> I don't know what zvbi-ntsc-cc does, so this might not be a security >>> issue after all. Please investigate. Thanks! >> >> What to do with this bug report ? CVE is still a canditate after more >> than 2 months. > > This doesn't mean anything, as I tried to explain in my June 16 > message:
CVE expert are not able to decide if this "vulnerability" is one or not ? Christian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

