thr3ads.net - Secure testing commits - [Secure-testing-commits] r10204

If this information is useful, please help other people find it:
Share via:

thijs at alioth.debian.org

2008-Oct-29 19:29 UTC

[Secure-testing-commits] r10204 - data/CVE

Author: thijs
Date: 2008-10-29 19:29:57 +0000 (Wed, 29 Oct 2008)
New Revision: 10204

Modified:
   data/CVE/list
Log:
pma issue is exploitable with rg=0


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-10-29 19:28:38 UTC (rev 10203)
+++ data/CVE/list	2008-10-29 19:29:57 UTC (rev 10204)
@@ -65,8 +65,7 @@
 CVE-2008-XXXX [balazar3: insecure temp file handling]
 	- balazar3 0.1-2 (bug #503750)
 CVE-2008-4775 [XSS in phpmyadmin via db parameter in pmd_pdf.php]
-	- phpmyadmin <unfixed> (unimportant)
-	NOTE: relies on register_globals being on which is not supported by Debian
+	- phpmyadmin <unfixed> (low)
 	NOTE: http://www.securityfocus.com/archive/1/497815
 CVE-2008-XXXX [programming error in blender can cause arbitrary code execution]
 	- blender 2.46+dfsg-5 (bug #503632)

Secure testing commits - Oct 2008 - r10204 - data/CVE

[Secure-testing-commits] r10204 - data/CVE