[Secure-testing-commits] r10564 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Mon Dec 1 15:14:06 UTC 2008
Author: thijs
Date: 2008-12-01 15:14:05 +0000 (Mon, 01 Dec 2008)
New Revision: 10564
Modified:
data/CVE/list
Log:
chm2pdf cves assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-01 14:58:39 UTC (rev 10563)
+++ data/CVE/list 2008-12-01 15:14:05 UTC (rev 10564)
@@ -1640,8 +1640,10 @@
NOT-FOR-US: EC-CUBE
CVE-2008-4534 (SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-XXXX [chm2pdf: insecure temp file usage]
+CVE-2008-5299 [chm2pdf: insecure temp file usage: DoS by precreating directories]
- chm2pdf 0.9.1-1.1 (low; bug #501959)
+CVE-2008-5298 [chm2pdf: insecure temp file usage: symlink attack]
+ - chm2pdf 0.9.1-1.1 (low; bug #501959)
CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
NOT-FOR-US: Kantan WEB Server
CVE-2008-4532 (Cross-site scripting (XSS) vulnerability in index.php in MaxiScript ...)
More information about the Secure-testing-commits
mailing list