Data center: Ashburn, VA

Telegram Chat : MBHH_x86

Email Us:

Mobile Hacker For Hire

Full Disclosure: Re: HNS-2022-01 – HN Security Advisory

Table of Contents

From: Marco Ivaldi <raptor () 0xdeadbeef info>
Date: Sat, 21 Jan 2023 07:58:25 +0100

Hello again,

Just a quick update. Mitre has assigned the following additional CVE IDs:

* CVE-2023-24039 - Stack-based buffer overflow in libXm ParseColors
* CVE-2023-24040 - Printer name injection and heap memory disclosure

We have updated the advisory accordingly:


On Wed, Jan 18, 2023 at 9:48 AM Marco Ivaldi <raptor () 0xdeadbeef info> wrote:

Dear Full Disclosure,

Find attached a security advisory that details multiple
vulnerabilities we discovered in Oracle Solaris CDE dtprintinfo, Motif
libXm, and X.Org libXpm.

* Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm
* Products: Common Desktop Environment 1.6, Motif 2.1, X.Org libXpm < 3.5.15
* OS: Oracle Solaris 10 (CPU January 2021)
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2023-01-18
* Oracle vulnerability tracking numbers:
  * S1597707 - Arbitrary printer name injection
  * S1597724 - Heap memory disclosure via long printer names
  * S1597711 - Memory corruption via malformed icon files
  * S1597730 - Stack-based buffer overflow in libXm ParseColors
* CVE IDs:
  * CVE-2022-46285 - Infinite loop on unclosed comments in Xorg libXpm
* Advisory URLs:
* Exploit URLs:

For additional information, please refer to our vulnerability writeup:

PS. No, HNS-2022-01 is not a typo. Check out the disclosure timeline
in the advisory and you'll understand why we used this label.

Marco Ivaldi
"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl."
Sent through the Full Disclosure mailing list
Web Archives & RSS:

Current thread:

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!