[Secure-testing-commits] r58591 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 15 07:47:15 UTC 2017
Author: carnil
Date: 2017-12-15 07:47:15 +0000 (Fri, 15 Dec 2017)
New Revision: 58591
Modified:
data/CVE/list
Log:
Add CVE-2017-17670/vlc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-15 07:45:24 UTC (rev 58590)
+++ data/CVE/list 2017-12-15 07:47:15 UTC (rev 58591)
@@ -2039,8 +2039,11 @@
TODO: check
CVE-2017-17671 (vBulletin through 5.3.x on Windows allows remote PHP code execution ...)
TODO: check
-CVE-2017-17670
+CVE-2017-17670 [type conversion vulnerability]
RESERVED
+ - vlc <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2017/12/15/1
+ NOTE: POC: https://gist.github.com/dyntopia/194d912287656f66dd502158b0cd2e68
CVE-2017-17669 (There is a heap-based buffer over-read in the ...)
- exiv2 <undetermined>
NOTE: https://github.com/Exiv2/exiv2/issues/187
More information about the Secure-testing-commits
mailing list