atomo64-guest at alioth.debian.org
2008-Dec-16 05:00 UTC
[Secure-testing-commits] r10703 - data/CVE
Author: atomo64-guest Date: 2008-12-16 04:59:59 +0000 (Tue, 16 Dec 2008) New Revision: 10703 Modified: data/CVE/list Log: new lot of mediawiki issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-15 21:35:53 UTC (rev 10702) +++ data/CVE/list 2008-12-16 04:59:59 UTC (rev 10703) @@ -636,14 +636,18 @@ RESERVED CVE-2008-5253 RESERVED -CVE-2008-5252 +CVE-2008-5252 [CSRF vulnerability affecting the Special:Import feature] RESERVED + - mediawiki <unfixed> (bug #508870) CVE-2008-5251 RESERVED -CVE-2008-5250 +CVE-2008-5250 [local script injection vulnerabilities on MediaWiki installations with uploads enabled] RESERVED -CVE-2008-5249 + - mediawiki <unfixed> (bug #508869) +CVE-2008-5249 [XSS vulnerability affecting all MediaWiki installations between 1.13.0 and 1.13.2] RESERVED + - mediawiki <not-affected> (vulnerable code was introduced in 1.13.0) + TODO: [experimental] - mediawiki <unfixed> (bug #508868) CVE-2008-5276 (Integer overflow in the ReadRealIndex function in real.c in the Real ...) - vlc <not-affected> (vulnerable code not present) NOTE: affected versions are >= 0.9.x (experimental)