[Secure-testing-commits] r5853 - data/CVE

seanius at alioth.debian.org seanius at alioth.debian.org
Wed May 16 21:31:06 UTC 2007


Author: seanius
Date: 2007-05-16 21:31:05 +0000 (Wed, 16 May 2007)
New Revision: 5853

Modified:
   data/CVE/list
Log:
yeah, another php nfu!

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-16 21:29:39 UTC (rev 5852)
+++ data/CVE/list	2007-05-16 21:31:05 UTC (rev 5853)
@@ -1534,9 +1534,7 @@
 CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW function ...)
 	NOT-FOR-US: Akamai
 CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...)
-	- php4 <unfixed> (unimportant)
-	- php5 <unfixed> (unimportant)
-	NOTE: local code execution only, possibly only on FreeBSD
+	NOT-FOR-US: according to MOPB-43 not linux exploitable
 CVE-2007-1889 (Integer signedness error in the _zend_mm_alloc_int function in the ...)
 	{DSA-1283-1}
 	- php5 5.2.0-11 (medium)




More information about the Secure-testing-commits mailing list