Author: geissert Date: 2009-11-24 05:16:58 +0000 (Tue, 24 Nov 2009) New Revision: 13363 Modified: data/CVE/list Log: new php-net-ping issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-11-24 05:10:27 UTC (rev 13362) +++ data/CVE/list 2009-11-24 05:16:58 UTC (rev 13363) @@ -1,3 +1,9 @@ +CVE-2009-XXXX [Net_Ping PEAR module argument injection] + - php-net-ping <unfixed> + TODO: check + NOTE: http://pear.php.net/advisory20091114-01.txt + NOTE: the fix by upstream should be double checked, + NOTE: escapeshellcmd might not be the most appropriate function either CVE-2009-4046 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x ...) NOT-FOR-US: FrontAccounting CVE-2009-4045 (Multiple SQL injection vulnerabilities in FrontAccounting (FA) before ...)