oss-sec mailing list archives
Re: CVE request: PHP MOPS-2010-56..60
From: Josh Bressers <bressers () redhat com>
Date: Wed, 30 Jun 2010 14:45:11 -0400 (EDT)
I'm going to leave these for MITRE. They handled all the other MOPS bugs, it's possible these have IDs and we just don't know. Thanks. -- JB ----- "Raphael Geissert" <geissert () debian org> wrote:
Hi, According to our tracker there are still some MOPS issues that don't have CVE ids. More specifically:60: PHP Session Serializer Session Data Injection Vulnerabilityhttp://svn.php.net/viewvc?view=revision&revision=29860859: PHP php_mysqlnd_auth_write() Stack Buffer OverflowVulnerability http://svn.php.net/viewvc?view=revision&revision=29870358: PHP php_mysqlnd_read_error_from_line() [Heap] Buffer OverflowVulnerability http://svn.php.net/viewvc?view=revision&revision=29870357 PHP php_mysqlnd_rset_header_read() [Heap] Buffer OverflowVulnerability I think this is http://svn.php.net/viewvc?view=revision&revision=29823556 PHP php_mysqlnd_ok_read() Information Leak Vulnerabilityhttp://svn.php.net/viewvc?view=revision&revision=298703 Could CVE ids be assigned? Regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request: PHP MOPS-2010-56..60 Raphael Geissert (Jun 30)
- Re: CVE request: PHP MOPS-2010-56..60 Josh Bressers (Jun 30)