Author: nion Date: 2009-06-19 19:28:04 +0000 (Fri, 19 Jun 2009) New Revision: 12170 Modified: data/CVE/list Log: adjust impact of CVE-2009-2042, rather obscure "exploit" scenario Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-19 19:09:20 UTC (rev 12169) +++ data/CVE/list 2009-06-19 19:28:04 UTC (rev 12170) @@ -156,8 +156,7 @@ TODO: check when MFSA is issued - xulrunner <unfixed> (low) CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...) - - libpng 1.2.37-1 (medium; bug #533676) - NOTE: medium-urgency since possibly remotely exploitable + - libpng 1.2.37-1 (low; bug #533676) CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...) NOT-FOR-US: activeCollab CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...)
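Review bot: The libpng entry for CVE-2009-2042 loses its NOTE line together with the urgency change, so data/CVE/list no longer records any rationale for the rating. The reason for "low" appears only in the commit log (rather obscure "exploit" scenario); adding a replacement NOTE under the "- libpng 1.2.37-1 (low; bug #533676)" line that states this reason would keep it visible to anyone reading the list later without the revision history.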
Michael S. Gilbert
2009-Jun-19 19:34 UTC
[Secure-testing-team] [Secure-testing-commits] r12170 - data/CVE
On Fri, 19 Jun 2009 19:28:05 +0000, Nico Golde wrote:
> Author: nion
> Date: 2009-06-19 19:28:04 +0000 (Fri, 19 Jun 2009)
> New Revision: 12170
>
> Modified:
>    data/CVE/list
> Log:
>    adjust impact of CVE-2009-2042, rather obscure "exploit" scenario

agreed. worst that can happen is a read of sensitive memory, not code injection.
Nico Golde
2009-Jun-19 20:37 UTC
[Secure-testing-team] [Secure-testing-commits] r12170 - data/CVE
Hi,
* Michael S. Gilbert <michael.s.gilbert at gmail.com> [2009-06-19 21:44]:
> On Fri, 19 Jun 2009 19:28:05 +0000, Nico Golde wrote:
> > Author: nion
> > Date: 2009-06-19 19:28:04 +0000 (Fri, 19 Jun 2009)
> > New Revision: 12170
> >
> > Modified:
> >    data/CVE/list
> > Log:
> >    adjust impact of CVE-2009-2042, rather obscure "exploit" scenario
>
> agreed. worst that can happen is a read of sensitive memory, not code
> injection.

This should be bad enough but in this case you probably only get memory from the webserver and the leaked data is pretty small from what I see.

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.