oss-sec mailing list archives
Re: CVE request: PHP MOPS-2010-56..60
From: Tomas Hoger <thoger () redhat com>
Date: Thu, 19 Aug 2010 15:04:55 +0200
Hi Steven! This seems to have slipped through the cracks. On Wed, 30 Jun 2010 11:27:19 -0500 Raphael Geissert wrote:
Hi, According to our tracker there are still some MOPS issues that don't have CVE ids. More specifically:60: PHP Session Serializer Session Data Injection Vulnerabilityhttp://svn.php.net/viewvc?view=revision&revision=29860859: PHP php_mysqlnd_auth_write() Stack Buffer Overflow Vulnerabilityhttp://svn.php.net/viewvc?view=revision&revision=29870358: PHP php_mysqlnd_read_error_from_line() [Heap] Buffer OverflowVulnerability http://svn.php.net/viewvc?view=revision&revision=29870357 PHP php_mysqlnd_rset_header_read() [Heap] Buffer Overflow VulnerabilityI think this is http://svn.php.net/viewvc?view=revision&revision=29823556 PHP php_mysqlnd_ok_read() Information Leak Vulnerabilityhttp://svn.php.net/viewvc?view=revision&revision=298703 Could CVE ids be assigned?
-- Tomas Hoger / Red Hat Security Response Team
Current thread:
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Steven M. Christey (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 23)
- <Possible follow-ups>
- Re: CVE request: PHP MOPS-2010-56..60 pierre.php () gmail com (Aug 19)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye (Aug 20)
- Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger (Aug 20)