oss-sec mailing list archives
Re: CVE request: PHP MOPS-2010-56..60
From: "Steven M. Christey" <coley () linus mitre org>
Date: Fri, 20 Aug 2010 12:59:15 -0400 (EDT)
Apologies to everyone, especially Moritz who pinged me on this privately a while ago.
Some of these CVEs are SPLIT based on very narrow distinctions between types of buffer overflows, where others might have merged. This is one area where there can be some variability in CVE assignments depending on the amount of available information.
CVE-2010-3062 - MOPS-2010-056, MOPS-2010-057 - buffer overflow with untrusted length CVE-2010-3063 - MOPS-2010-058 - buffer overflow with calculation error CVE-2010-3064 - MOPS-2010-059 - classic overflow CVE-2010-3065 - MOPS-2010-060 - session deserializer data injection - Steve
Current thread:
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Steven M. Christey (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- <Possible follow-ups>
- Re: CVE request: PHP MOPS-2010-56..60 pierre.php () gmail com (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Thomas Biege (Aug 24)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)