[Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-1000773 and CVE-2017-1000600

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53815e78 by Salvatore Bonaccorso at 2019-06-10T06:32:53Z
Update information on CVE-2018-1000773 and CVE-2017-1000600

According to the available information CVE-2017-1000600 has been fixed
(but without upstream details) in 4.9. As such we mark the first version
in unstable in the 4.9 series as fixed.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41727,7 +41727,8 @@ CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversa
 CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference vuln ...)
 	NOT-FOR-US: zephyr-rtos
 CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...)
-	- wordpress <undetermined>
+	- wordpress <unfixed>
+	NOTE: This CVE exists due to an incomplete fix in 4.9 for CVE-2017-1000600.
 CVE-2018-1000673
 	REJECTED
 CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to  ...)
@@ -41763,11 +41764,14 @@ CVE-2018-1000659 (LimeSurvey version 3.14.4 and earlier contains a directory tra
 CVE-2018-1000658 (LimeSurvey version prior to 3.14.4 contains a file upload vulnerabilit ...)
 	- limesurvey <itp> (bug #472802)
 CVE-2017-1000600 (WordPress version <4.9 contains a CWE-20 Input Validation vulnerabi ...)
-	- wordpress <undetermined>
+	- wordpress 4.9.1+dfsg-1
 	NOTE: https://www.securityfocus.com/bid/105305/references
 	NOTE: https://www.theregister.co.uk/2018/08/20/php_unserialisation_wordpress_vuln/
 	NOTE: https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf
 	NOTE: https://twitter.com/_s_n_t/status/1030573635617124353
+	NOTE: Wordpress before 4.9 is vulnerable on its own. After 4.9 you need to have
+	NOTE: vulnerable module installed on the site as well. Due to an incomplete fix
+	NOTE: in 4.9 there exists CVE-2018-1000773.
 CVE-2018-16553
 	RESERVED
 CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/ ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/53815e78266f831fbd98d99a05f9013561d3e2d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/53815e78266f831fbd98d99a05f9013561d3e2d6
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190610/5091eae1/attachment.html>