Bug#792420: zsnes: emulator escape vulnerability
Paul Wise
pabs at debian.org
Tue Jul 14 16:14:09 UTC 2015
Package: zsnes
Severity: important
Tags: security
X-Debbugs-CC: security at debian.org, sergio_br2 at yahoo.com.br
According to this Youtube video and forum post, there are at least 3
vulnerabilities in zsnes that allow ROMs to escape the zsnes emulator
and execute arbitrary code on the host running zsnes. The known issues
will be fixed in 1.52 but there may be more issues. This may or may not
be related to the cppcheck warnings from bug #610313.
https://www.youtube.com/watch?v=Q3SOYneC7mU
http://www.smwcentral.net/?p=viewthread&t=79058
https://bugs.debian.org/610313
--
bye,
pabs
https://wiki.debian.org/PaulWise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-games-devel/attachments/20150715/bad61909/attachment.sig>
More information about the Pkg-games-devel
mailing list