[Secure-testing-commits] r6667 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Fri Sep 21 18:02:42 UTC 2007
Author: nion
Date: 2007-09-21 18:02:41 +0000 (Fri, 21 Sep 2007)
New Revision: 6667
Modified:
data/CVE/list
Log:
mplayer note updated, no heap overflow possible
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-21 17:04:30 UTC (rev 6666)
+++ data/CVE/list 2007-09-21 18:02:41 UTC (rev 6667)
@@ -109,8 +109,7 @@
NOT-FOR-US: Media Player Classic
CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 ...)
- mplayer <unfixed> (bug #443478; low)
- NOTE: this should lead to an int overflow with glibc < 2.5 so maybe etch is
- NOTE: affected to a heap overflow here and not just a NULL reference
+ NOTE: just a NULL pointer dereference.
CVE-2007-4937 (CS Guestbook stores sensitive information under the web root with ...)
NOT-FOR-US: CS Guestbook
CVE-2007-4936 (Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has ...)
More information about the Secure-testing-commits
mailing list