From: Yair Altman on
In yesterday's post on http://www.isdpodcast.com/2010/01/08/episode-42/ , it was mentioned that:

"Matlab R2009b is subject to an Array Overrun (code execution) vulnerability. The main problem exist in dtoa implementation. Matlab has the same dtoa as Mozilla, OpenBSD, MacOS, Google, Opera etc. PoC code is available."

Does anyone have access to the PoC (Proof-of-Concept code) or to details pertaining to Matlab? Also, is MathWorks planning a hotfix patch?

Yair Altman
http://UndocumentedMatlab.com
From: Oleg Komarov on
"Yair Altman"
> In yesterday's post on http://www.isdpodcast.com/2010/01/08/episode-42/ , it was mentioned that:
>
> "Matlab R2009b is subject to an Array Overrun (code execution) vulnerability. The main problem exist in dtoa implementation. Matlab has the same dtoa as Mozilla, OpenBSD, MacOS, Google, Opera etc. PoC code is available."
>
> Does anyone have access to the PoC (Proof-of-Concept code) or to details pertaining to Matlab? Also, is MathWorks planning a hotfix patch?
>
> Yair Altman
> http://UndocumentedMatlab.com

I found this link:
http://seclists.org/fulldisclosure/2010/Jan/124

Oleg
From: Jan Simon on
Dear Oleg, Yair!

> I found this link:
> http://seclists.org/fulldisclosure/2010/Jan/124
> Oleg

This kills 2008b and 2009a also.
Thanks! Is it necessary to send a bug report? Jan
From: Bobby Cheng on
Here it is. Sorry for the delay.

http://www.mathworks.com/support/bugreports/

Bug report number 611546

---Bob.

"Jan Simon" <matlab.THIS_YEAR(a)nMINUSsimon.de> wrote in message
news:hib40q$mnh$1(a)fred.mathworks.com...
> Dear Oleg, Yair!
>
>> I found this link:
>> http://seclists.org/fulldisclosure/2010/Jan/124
>> Oleg
>
> This kills 2008b and 2009a also.
> Thanks! Is it necessary to send a bug report? Jan
>