Author: nion Date: 2007-09-21 18:02:41 +0000 (Fri, 21 Sep 2007) New Revision: 6667 Modified: data/CVE/list Log: mplayer note updated, no heap overflow possible Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-21 17:04:30 UTC (rev 6666) +++ data/CVE/list 2007-09-21 18:02:41 UTC (rev 6667) @@ -109,8 +109,7 @@ NOT-FOR-US: Media Player Classic CVE-2007-4938 (Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 ...) - mplayer <unfixed> (bug #443478; low) - NOTE: this should lead to an int overflow with glibc < 2.5 so maybe etch is - NOTE: affected to a heap overflow here and not just a NULL reference + NOTE: just a NULL pointer dereference. CVE-2007-4937 (CS Guestbook stores sensitive information under the web root with ...) NOT-FOR-US: CS Guestbook CVE-2007-4936 (Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has ...)