August 13, 2001

Debian advisory: Window Maker buffer overflow

Author: JT Smith

"Alban Hertroys found a buffer overflow in Window Maker (a popular window
manager for X). The code that handles titles in the window list menu did
not check the length of the title when copying it to a buffer. Since
applications will set the title using untrusted data (for example web
browsers will set the title of their window to the title of the web-page
being shown) this could be exploited remotely." Details posted at Linux Weekly News.


  • Linux
Click Here!