Author: thijs Date: 2010-04-17 08:14:30 +0000 (Sat, 17 Apr 2010) New Revision: 14505 Modified: data/CVE/list Log: tcpdf copies in moodle and phpmyadmin too old to have vulnerability Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-16 23:02:05 UTC (rev 14504) +++ data/CVE/list 2010-04-17 08:14:30 UTC (rev 14505) @@ -443,11 +443,12 @@ CVE-2010-1245 RESERVED CVE-2010-XXXX [tcpdf code execution via tcpdf tag] - - moodle <undetermined> - - phpmyadmin <undetermined> + - moodle <not-affected> (Vulnerable code not present) + - phpmyadmin <not-affected> (Vulnerable code not present) - tcpdf <itp> (bug #495985) TODO: check NOTE: http://sourceforge.net/projects/tcpdf/files/CHANGELOG.TXT/view + NOTE: http://seclists.org/fulldisclosure/2010/Apr/104 NOTE: setting K_TCPDF_CALLS_IN_HTML to false mitigates the problem CVE-2010-XXXX [xmail insecure temp files handling] - xmail <undetermined>