[Secure-testing-commits] r26308 - data/CVE

Thijs Kinkhorst thijs at moszumanska.debian.org
Fri Mar 28 07:24:40 UTC 2014


Author: thijs
Date: 2014-03-28 07:24:40 +0000 (Fri, 28 Mar 2014)
New Revision: 26308

Modified:
   data/CVE/list
Log:
flash, flash


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-28 07:04:41 UTC (rev 26307)
+++ data/CVE/list	2014-03-28 07:24:40 UTC (rev 26308)
@@ -4982,8 +4982,11 @@
 	RESERVED
 CVE-2014-0511
 	RESERVED
-CVE-2014-0510
+CVE-2014-0510 [heap overflow with a sandbox bypass]
 	RESERVED
+	- flashplugin-nonfree <unfixed>
+	[squeeze] - flashplugin-nonfree <no-dsa> (Contrib not supported)
+	[wheezy] - flashplugin-nonfree <no-dsa> (Contrib not supported)
 CVE-2014-0509
 	RESERVED
 CVE-2014-0508
@@ -21307,7 +21310,8 @@
 CVE-2013-1637 (Opera before 12.13 allows remote attackers to execute arbitrary code ...)
 	NOT-FOR-US: Opera
 CVE-2013-1636 (Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in ...)
-	TODO: check
+	- biomaj-watcher <unfixed> (low; bug #742859)
+	[wheezy] - biomaj-watcher <no-dsa> (Minor issue)
 CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not ...)
 	{DSA-2639-1}
 	- php5 5.4.4-14 (unimportant; bug #702221)




More information about the Secure-testing-commits mailing list