[Secure-testing-commits] r29912 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-11-08 04:59:41 +0000 (Sat, 08 Nov 2014)
New Revision: 29912

Modified:
   data/CVE/list
Log:
Add CVE-2014-7146/mantis added

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-08 04:44:12 UTC (rev 29911)
+++ data/CVE/list	2014-11-08 04:59:41 UTC (rev 29912)
@@ -3330,8 +3330,13 @@
 	RESERVED
 CVE-2014-7147
 	RESERVED
-CVE-2014-7146
+CVE-2014-7146 [XmlImportExport plugin PHP Code Injection]
 	RESERVED
+	- mantis <unfixed>
+	NOTE: http://www.mantisbt.org/bugs/view.php?id=17725
+	NOTE: http://www.mantisbt.org/bugs/view.php?id=17780
+	NOTE: https://github.com/mantisbt/mantisbt/commit/bed19db9 (1.2.x branch)
+	NOTE: https://github.com/mantisbt/mantisbt/commit/84017535 (master)
 CVE-2014-7140 (Unspecified vulnerability in the management interface in Citrix ...)
 	NOT-FOR-US: Citrix NetScaler
 CVE-2014-7139 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)