[Secure-testing-commits] r15346 - data/CVE
Giuseppe Iuculano
iuculano at alioth.debian.org
Sat Sep 18 14:32:27 UTC 2010
Author: iuculano
Date: 2010-09-18 14:32:25 +0000 (Sat, 18 Sep 2010)
New Revision: 15346
Modified:
data/CVE/list
Log:
CVE-2010-2790 fixed
some details for CVE-2010-1807
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-17 21:42:11 UTC (rev 15345)
+++ data/CVE/list 2010-09-18 14:32:25 UTC (rev 15346)
@@ -1621,7 +1621,7 @@
CVE-2010-2791 (mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, ...)
- apache2 2.2.10-1 (low)
CVE-2010-2790 (Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery ...)
- - zabbix <unfixed> (bug #594304)
+ - zabbix 1:1.8.3-1 (bug #594304)
NOTE: https://support.zabbix.com/browse/ZBX-2326
[lenny] - zabbix <no-dsa> (Minor issue)
CVE-2010-2789 [mediawiki "register_globals arbitrary inclusion"]
@@ -4223,8 +4223,13 @@
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
- - webkit <undetermined>
- - chromium-browser <undetermined>
+ - webkit <unfixed>
+ - chromium-browser <not-affected>
+ NOTE: don't know the changeset, but the problem is that the standard-library strtod()
+ NOTE: parses "NAN(payload)" as a NaN with a user-defined payload, which is bad for the nan-boxing
+ NOTE: scheme used by webkit (and mozilla). The fix is not to accept "NAN(payload)".
+ NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
+ NOTE: reproduced with epiphany
CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
- webkit <undetermined>
- chromium-browser 5.0.375.127~r55887-1
More information about the Secure-testing-commits
mailing list