keescook-guest at alioth.debian.org
2007-Jul-05 15:21 UTC
[Secure-testing-commits] r6097 - data/CVE
Author: keescook-guest Date: 2007-07-05 15:21:44 +0000 (Thu, 05 Jul 2007) New Revision: 6097 Modified: data/CVE/list Log: NFUs: 1; unfixed, fixed, and not-affected: libgd2 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-05 12:14:11 UTC (rev 6096) +++ data/CVE/list 2007-07-05 15:21:44 UTC (rev 6097) 
@@ -73,19 +73,26 @@ CVE-2007-3479 (Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows ...) NOT-FOR-US: PCSoft WinDEV CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in ...) - TODO: check + - libgd2 <not-affected> + NOTE: this is a crash, and does not seem to be attacker controlled. CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics ...) - TODO: check + - libgd2 <unfixed> (low) + NOTE: CPU consumption DoS CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) ...) - TODO: check + - libgd2 <unfixed> (low) + NOTE: can write a 0 to a 4k window in heap, very unlikely to be controllable. CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted ...) - TODO: check + - libgd2 <not-affected> + NOTE: out-of-band memory read, does not appear attacker controlled. CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD ...) - TODO: check + - libgd2 <not-affected> + NOTE: appears to be prophylactic dup of CVE-2007-3476. CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) ...) - TODO: check + - libgd2 <not-affected> + NOTE: this is only a NULL deref crash (same as CVE-2007-3472) CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD Graphics ...) - TODO: check + - libgd2 <not-affected> + NOTE: this is only a NULL deref crash. CVE-2007-3471 (Buffer overflow in the dtsession Common Desktop Environment (CDE) ...) NOT-FOR-US: Sun Solaris dtsession CVE-2007-3470 (Multiple unspecified vulnerabilities in the KSSL kernel module in Sun ...) @@ -113,7 +120,7 @@ CVE-2007-3459 (A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax ...) TODO: check CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...) - TODO: check + NOT-FOR-US: Sun Solaris libsldap CVE-2007-3457 RESERVED CVE-2007-3456 
@@ -6112,9 +6119,8 @@ - evolution <unfixed> [sarge] - evolution <not-affected> (Vulnerable code not present) CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) readwbmp ...) - - libgd2 <unfixed> (medium) - NOTE: Although reported initially for PHP5, this needs to be fixed in gd2, our - NOTE: PHP5 links dynamically + - libgd2 2.0.33-1 (medium) + NOTE: This has been fixed in libgd2 for a while, and php is linked against libgd2. CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the ...) - linux-2.6 2.6.18.dfsg.1-12 (medium) CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other ...)
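Review bot: in the first hunk (@@ -73,19 +73,26 @@), CVE-2007-3478, CVE-2007-3475, CVE-2007-3473 and CVE-2007-3472 are marked `<not-affected>` although their NOTE lines describe a defect that exists in libgd2 (a crash, an out-of-band memory read, a NULL deref). The evolution entry visible in the third hunk pairs `<not-affected>` with "(Vulnerable code not present)", which is a different statement from "present but not attacker controlled". Consider `- libgd2 <unfixed> (low)`, as already used for CVE-2007-3477 in this hunk, so these entries are still closed against a fixed upload. Separately, CVE-2007-3474 is `<not-affected>` while its NOTE calls it a dup of CVE-2007-3476, which is `<unfixed> (low)`; a dup should carry the same status as the entry it duplicates.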
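Review bot: in the third hunk (@@ -6112,9 +6119,8 @@), the new CVE-2007-1001 line `- libgd2 2.0.33-1 (medium)` states a fixed version, but the NOTE only says "This has been fixed in libgd2 for a while", which gives a reader nothing to verify 2.0.33-1 against. Add a NOTE naming the changelog entry or patch that covers the createwbmp and readwbmp overflows. The rewritten NOTE also drops the word "dynamically" from the removed text ("our PHP5 links dynamically"); keeping it makes clear why the libgd2 fix alone covers PHP.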