[Secure-testing-commits] r9356 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Wed Jul 16 19:26:13 UTC 2008
Author: thijs
Date: 2008-07-16 19:26:11 +0000 (Wed, 16 Jul 2008)
New Revision: 9356
Modified:
data/CVE/list
Log:
pma issue mostly allows to annoy a user
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-16 19:18:50 UTC (rev 9355)
+++ data/CVE/list 2008-07-16 19:26:11 UTC (rev 9356)
@@ -3,7 +3,10 @@
NOTE: this code was never present in a released wordpress version
NOTE: http://www.openwall.com/lists/oss-security/2008/07/15/5
CVE-2008-3197 [phpmyadmin CSRF PMASA-2008-5]
- - phpmyadmin 4:2.11.7.1-1
+ - phpmyadmin 4:2.11.7.1-1 (low)
+ [etch] - phpmyadmin <no-dsa> (low impact issue)
+ NOTE: this only allows via csrf to create an empty database.
+ NOTE: this would take a lot of work to get it only to the 'annoying' level, let alone a DoS
CVE-2008-3186 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog ...)
NOT-FOR-US: Chipmunk Blog
CVE-2008-3185 (SQL injection vulnerability in index.php in Relative Real Estate ...)
More information about the Secure-testing-commits
mailing list