Author: sf Date: 2010-01-17 10:14:53 +0000 (Sun, 17 Jan 2010) New Revision: 13844 Modified: data/CVE/list Log: new apache 1.3 issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-17 09:37:10 UTC (rev 13843) +++ data/CVE/list 2010-01-17 10:14:53 UTC (rev 13844) @@ -1413,8 +1413,12 @@ - uzbl 0.0.0~git.20100105-1 (medium) NOTE: http://www.uzbl.org/news.php?id=22 NOTE: maintainer is aware of it -CVE-2010-0010 +CVE-2010-0010 [Apache httpd 1.3 mod_proxy integer overflow on 64bit archs] RESERVED + - apache <unfixed> (low) + NOTE: Exploitability is fairly limited: Can only be exploited by a malicious server, + NOTE: not by a client. No sane person uses apache 1.3 as forward proxy and in reverse + NOTE: proxy situations, the backend server is usually trusted, anyway. CVE-2010-0009 RESERVED CVE-2010-0008