Author: nion Date: 2008-05-12 17:16:39 +0000 (Mon, 12 May 2008) New Revision: 8785 Modified: data/CVE/list Log: CVE-2008-1552 is low, no code execution possible Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-05-12 17:02:07 UTC (rev 8784) +++ data/CVE/list 2008-05-12 17:16:39 UTC (rev 8785) @@ -1238,8 +1238,10 @@ CVE-2008-1553 (Directory traversal vulnerability in mod.php in TopperMod 1.0 allows ...) NOT-FOR-US: TopperMod CVE-2008-1552 (The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) ...) - - libsilc 1.1.7-1 (medium) + - libsilc 1.1.7-1 (low) - silc-client <not-affected> (links against libsilc) + NOTE: this can''t result code execution but only in a crash as data_len - i always results + NOTE: in -1 and malloc will never succeed and thus not reaching any free CVE-2008-1551 (SQL injection vulnerability in viewcat.php in the Photo 3.02 module ...) NOT-FOR-US: RunCMS CVE-2008-1550 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)