white at alioth.debian.org
2008-Oct-27 12:46 UTC
[Secure-testing-commits] r10181 - data/CVE
Author: white Date: 2008-10-27 12:46:29 +0000 (Mon, 27 Oct 2008) New Revision: 10181 Modified: data/CVE/list Log: Same mplayer issue has two CVE ids for different vectors Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-27 11:31:49 UTC (rev 10180) +++ data/CVE/list 2008-10-27 12:46:29 UTC (rev 10181) @@ -272,6 +272,7 @@ NOT-FOR-US: PHP Arsivimiz Php Ziyaretci Defteri CVE-2008-4610 (MPlayer allows remote attackers to cause a denial of service ...) - mplayer <unfixed> (low; bug #407010) + NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...) TODO: check CVE-2008-4608 @@ -307,7 +308,8 @@ CVE-2008-4593 (Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled ...) NOT-FOR-US: Apple iPhone 2.1 with firmware 5F136 CVE-2007-6718 (MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of ...) - TODO: check + - mplayer <unfixed> (low; bug #407010) + NOTE: http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities CVE-2008-4654 (Stack-based buffer overflow in the parse_master function in the Ty ...) - vlc <not-affected> (bug #502726) NOTE: code in 0.8.6.i-2 does not have this flaw, experimental version (0.9.4 is vulnerable)