[Secure-testing-commits] r6666 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Fri Sep 21 17:04:30 UTC 2007
Author: nion
Date: 2007-09-21 17:04:30 +0000 (Fri, 21 Sep 2007)
New Revision: 6666
Modified:
data/CVE/list
Log:
CVE-2007-4938 mplayer (bug #443478; low), see NOTE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-21 16:17:21 UTC (rev 6665)
+++ data/CVE/list 2007-09-21 17:04:30 UTC (rev 6666)
@@ -108,8 +108,9 @@
CVE-2007-4939 (Heap-based buffer overflow in mplayerc.exe in Media Player Classic ...)
NOT-FOR-US: Media Player Classic
CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 ...)
- - mplayer <unfixed>
- TODO: report bug
+ - mplayer <unfixed> (bug #443478; low)
+ NOTE: this should lead to an int overflow with glibc < 2.5 so maybe etch is
+ NOTE: affected to a heap overflow here and not just a NULL reference
CVE-2007-4937 (CS Guestbook stores sensitive information under the web root with ...)
NOT-FOR-US: CS Guestbook
CVE-2007-4936 (Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has ...)
More information about the Secure-testing-commits
mailing list