[Secure-testing-commits] r16110 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Sat Feb 12 05:26:48 UTC 2011


Author: geissert
Date: 2011-02-12 05:26:41 +0000 (Sat, 12 Feb 2011)
New Revision: 16110

Modified:
   data/CVE/list
Log:
new smarty issue
2 php5 issues are unimportant, 1 doesn't affect us, and 1 is low
(rather unimportant actually, but will be fixed via a DSA)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-11 21:18:31 UTC (rev 16109)
+++ data/CVE/list	2011-02-12 05:26:41 UTC (rev 16110)
@@ -1,3 +1,9 @@
+CVE-2011-XXXX [incorrect handling of {$smarty.template} and {$smarty.current_dir}]
+	- smarty3 <unfixed>
+	- smarty <unfixed>
+	NOTE: http://www.smarty.net/forums/viewtopic.php?t=18815
+	NOTE: http://code.google.com/p/smarty-php/source/detail?r=3989
+	TODO: check
 CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process ...)
 	TODO: check
 CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, ...)
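Review bot: the entry lists both smarty3 and smarty as <unfixed>, but both references (the smarty.net forum thread and smarty-php revision r3989) point at the Smarty 3 code base; before the smarty (2.x) package carries <unfixed>, confirm it actually contains the {$smarty.template} / {$smarty.current_dir} handling described, and if it does not, record that as `- smarty <not-affected> (...)` with the reason, so the "TODO: check" can be resolved for both packages rather than left open. The CVE-2011-XXXX placeholder is fine for now, but add the assigned id as a NOTE as soon as one is known so the two smarty lines can be matched against the upstream fix.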
@@ -1150,13 +1156,14 @@
 CVE-2011-0486 (Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 ...)
 	NOT-FOR-US: IBM Cognos
 CVE-2010-4700 (The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the ...)
-	- php5 <unfixed>
+	- php5 <not-affected> (vuln code in mysqlnd, we use libmysqlclient)
 CVE-2010-4699 (The iconv_mime_decode_headers function in the Iconv extension in PHP ...)
-	- php5 <unfixed>
+	- php5 <unfixed> (unimportant)
 CVE-2010-4698 (Stack-based buffer overflow in the GD extension in PHP before 5.2.15 ...)
-	- libgd2 <undetermined>
+	- php5 <unfixed> (low)
 CVE-2010-4697 (Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 ...)
-	- php5 <unfixed>
+	- php5 <unfixed> (unimportant)
+	NOTE: requires attacker to be able to execute code already
 CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
 	NOT-FOR-US: Joomla 
 CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
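Review bot: for CVE-2010-4698 the `- libgd2 <undetermined>` line is replaced by `- php5 <unfixed> (low)` with no explanation; if the conclusion is that the overflow lives only in PHP's bundled GD extension and not in the system libgd2 that php5 links against, keep a `- libgd2 <not-affected> (...)` line stating that, otherwise the libgd2 status silently goes from undetermined to untracked. Likewise CVE-2010-4699 gets "(unimportant)" with no NOTE, while CVE-2010-4697 does carry a justification ("requires attacker to be able to execute code already"); add a one-line NOTE for CVE-2010-4699 too so the severity call is auditable later. The CVE-2010-4700 change to <not-affected> with its reason (mysqlnd vs. libmysqlclient) is the right shape for all of these.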
