seanius at alioth.debian.org
2007-Aug-29 22:30 UTC
[Secure-testing-commits] r6434 - data/CVE
Author: seanius Date: 2007-08-29 22:30:05 +0000 (Wed, 29 Aug 2007) New Revision: 6434 Modified: data/CVE/list Log: update on php-gd vuln actually in libt1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-29 19:49:33 UTC (rev 6433) +++ data/CVE/list 2007-08-29 22:30:05 UTC (rev 6434) @@ -1188,7 +1188,9 @@ CVE-2007-4034 (Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! ...) NOT-FOR-US: Yahoo! Widgets CVE-2007-4033 (Buffer overflow in php_gd2.dll in the gd (PHP_GD2) extension in PHP ...) - - php5 <unfixed> (bug #439927) + - libt1 <unfixed> (bug #439927) + NOTE: originally posted as a php vuln, actually in libt1 + NOTE: http://www.securityfocus.com/bid/25079 (particularly the discussions) CVE-2007-4032 (Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote ...) NOT-FOR-US: CrystalPlayer CVE-2007-4031 (Directory traversal vulnerability in a certain ActiveX control in ...)