cve-2013-6489-00

Summary Buffer overflow in MXit emoticon parsing
Date 2014-01-28
CVE Number CVE-2013-6489
Discovered By Yves Younan and Pawel Janic of Sourcefire VRT
Fixed In Release 2.10.8

Description

A specially crafted emoticon value could cause an integer overflow which could lead to a buffer overflow.

Mitigation

Use an unsigned integer and enforce a maximum size.

We've launched the new site. Think we're missing something?
Read the blog post or Go to the old site