[Secure-testing-commits] r6434 - data/CVE
seanius at alioth.debian.org
seanius at alioth.debian.org
Wed Aug 29 22:30:06 UTC 2007
Author: seanius
Date: 2007-08-29 22:30:05 +0000 (Wed, 29 Aug 2007)
New Revision: 6434
Modified:
data/CVE/list
Log:
update on php-gd vuln actually in libt1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-29 19:49:33 UTC (rev 6433)
+++ data/CVE/list 2007-08-29 22:30:05 UTC (rev 6434)
@@ -1188,7 +1188,9 @@
CVE-2007-4034 (Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! ...)
NOT-FOR-US: Yahoo! Widgets
CVE-2007-4033 (Buffer overflow in php_gd2.dll in the gd (PHP_GD2) extension in PHP ...)
- - php5 <unfixed> (bug #439927)
+ - libt1 <unfixed> (bug #439927)
+ NOTE: originally posted as a php vuln, actually in libt1
+ NOTE: http://www.securityfocus.com/bid/25079 (particularly the discussions)
CVE-2007-4032 (Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote ...)
NOT-FOR-US: CrystalPlayer
CVE-2007-4031 (Directory traversal vulnerability in a certain ActiveX control in ...)
More information about the Secure-testing-commits
mailing list