Author: nion Date: 2010-01-07 17:58:01 +0000 (Thu, 07 Jan 2010) New Revision: 13748 Modified: data/CVE/list Log: cveify pidgin, add todo, there is probably an issue left to be disclosed Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-07 12:16:11 UTC (rev 13747) +++ data/CVE/list 2010-01-07 17:58:01 UTC (rev 13748) @@ -215,11 +215,6 @@ - sendmail <unfixed> TODO: check NOTE: http://www.sendmail.org/releases/8.14.4 -CVE-2009-XXXX [pidgin local file disclosure vuln] - - pidgin <unfixed> (medium; bug #563206) - - gaim <removed> - TODO: check stable and oldstable (i.e. gaim) - NOTE: http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf CVE-2009-4458 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 ...) - freepbx <itp> (bug #464926) CVE-2009-4457 (Multiple unspecified vulnerabilities in the Vsftpd Webmin module ...) @@ -697,8 +692,13 @@ RESERVED CVE-2010-0014 RESERVED -CVE-2010-0013 +CVE-2010-0013 [pidgin local file disclosure vuln] RESERVED + - pidgin <unfixed> (medium; bug #563206) + - gaim <removed> + TODO: check stable and oldstable (i.e. gaim) + TODO: check for the memory corruption in slp also mentioned in the paper + NOTE: http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf CVE-2010-0012 [transmission directory traversal when processing .torrent files] RESERVED - transmission 1.77-1 (low)