[Secure-testing-commits] r8785 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Mon May 12 17:16:40 UTC 2008
Author: nion
Date: 2008-05-12 17:16:39 +0000 (Mon, 12 May 2008)
New Revision: 8785
Modified:
data/CVE/list
Log:
CVE-2008-1552 is low, no code execution possible
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-12 17:02:07 UTC (rev 8784)
+++ data/CVE/list 2008-05-12 17:16:39 UTC (rev 8785)
@@ -1238,8 +1238,10 @@
CVE-2008-1553 (Directory traversal vulnerability in mod.php in TopperMod 1.0 allows ...)
NOT-FOR-US: TopperMod
CVE-2008-1552 (The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) ...)
- - libsilc 1.1.7-1 (medium)
+ - libsilc 1.1.7-1 (low)
- silc-client <not-affected> (links against libsilc)
+ NOTE: this can't result code execution but only in a crash as data_len - i always results
+ NOTE: in -1 and malloc will never succeed and thus not reaching any free
CVE-2008-1551 (SQL injection vulnerability in viewcat.php in the Photo 3.02 module ...)
NOT-FOR-US: RunCMS
CVE-2008-1550 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
More information about the Secure-testing-commits
mailing list