Описание
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-8869
- https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74#diff-a97df53e3ebc59bb457191b496c90762
- https://access.redhat.com/errata/RHSA-2016:1296
- https://security.gentoo.org/glsa/201702-15
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184507.html
- http://lists.opensuse.org/opensuse-updates/2016-05/msg00081.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00037.html
- http://rhn.redhat.com/errata/RHSA-2016-2576.html
- http://rhn.redhat.com/errata/RHSA-2017-0564.html
- http://rhn.redhat.com/errata/RHSA-2017-0565.html
- http://www.openwall.com/lists/oss-security/2016/04/29/1
- http://www.openwall.com/lists/oss-security/2016/04/29/6
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/89318
Связанные уязвимости
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
OCaml before 4.03.0 does not properly handle sign extensions, which al ...
