oss-sec mailing list archives
Re: Month of PHP Security 2010 Issues
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 11 May 2010 19:31:45 -0400 (EDT)
Here is the latest round of CVE assignments for MOPS advisories.
MOPS-2010-021: PHP fnmatch() Stack Exhaustion Vulnerability
CVE-2010-1917
MOPS-2010-020: Xinha WYSIWYG Plugin Configuration Injection Vulnerability MOPS-2010-019: Serendipity WYSIWYG Editor Plugin Configuration Injection
These two are combined into a single CVE: CVE-2010-1916
MOPS-2010-018: EFront ask_chat chatrooms_ID SQL Injection Vulnerability
CVE-2010-1918
MOPS-2010-017: PHP preg_quote() Interruption Information Leak
CVE-2010-1915
MOPS-2010-016: PHP ZEND_SR Opcode Interruption Address Information Leak MOPS-2010-015: PHP ZEND_SL Opcode Interruption Address Information Leak MOPS-2010-014: PHP ZEND_BW_XOR Opcode Interruption Address Information
These three are combined into a single CVE: CVE-2010-1914 - Steve
Current thread:
- Month of PHP Security 2010 Issues Eren Türkay (May 11)
- Re: Month of PHP Security 2010 Issues Moritz Muehlenhoff (May 11)
- Re: Month of PHP Security 2010 Issues Steven M. Christey (May 11)