[Secure-testing-commits] r12407 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Sat Jul 25 01:35:16 UTC 2009
Author: luciano
Date: 2009-07-25 01:35:16 +0000 (Sat, 25 Jul 2009)
New Revision: 12407
Modified:
data/CVE/list
Log:
CVE-2009-1725 affects to webkit, qt4-x11, kdelibs and kde4libs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-24 21:34:40 UTC (rev 12406)
+++ data/CVE/list 2009-07-25 01:35:16 UTC (rev 12407)
@@ -2174,7 +2174,12 @@
CVE-2009-1726
RESERVED
CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...)
- TODO: check
+ - webkit <unfixed> (medium; bug #538346)
+ - qt4-x11 <unfixed> (medium; bug #538347)
+ - kdelibs <unfixed> (medium; bug #538350)
+ - kde4libs <unfixed> (medium; bug #538349)
+ NOTE: patch http://trac.webkit.org/changeset/44799/
+ NOTE: PoC https://cevans-app.appspot.com/static/webkitentityoffbyone.html
CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
TODO: check
CVE-2009-1723
More information about the Secure-testing-commits
mailing list