oss-sec mailing list archives
CVE request: PHP MOPS-2010-56..60
From: Raphael Geissert <geissert () debian org>
Date: Wed, 30 Jun 2010 11:27:19 -0500
Hi, According to our tracker there are still some MOPS issues that don't have CVE ids. More specifically:
60: PHP Session Serializer Session Data Injection Vulnerability
http://svn.php.net/viewvc?view=revision&revision=298608
59: PHP php_mysqlnd_auth_write() Stack Buffer Overflow Vulnerability
http://svn.php.net/viewvc?view=revision&revision=298703
58: PHP php_mysqlnd_read_error_from_line() [Heap] Buffer Overflow
Vulnerability http://svn.php.net/viewvc?view=revision&revision=298703
57 PHP php_mysqlnd_rset_header_read() [Heap] Buffer Overflow Vulnerability
I think this is http://svn.php.net/viewvc?view=revision&revision=298235
56 PHP php_mysqlnd_ok_read() Information Leak Vulnerability
http://svn.php.net/viewvc?view=revision&revision=298703 Could CVE ids be assigned? Regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request: PHP MOPS-2010-56..60 Raphael Geissert (Jun 30)
- Re: CVE request: PHP MOPS-2010-56..60 Josh Bressers (Jun 30)