[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Month of PHP Security 2010 Issues
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2010-05-11 23:31:45
Message-ID: Pine.GSO.4.64.1005111927060.21091 () faron ! mitre ! org
[Download RAW message or body]


Here is the latest round of CVE assignments for MOPS advisories.

>MOPS-2010-021: PHP fnmatch() Stack Exhaustion Vulnerability

CVE-2010-1917


>MOPS-2010-020: Xinha WYSIWYG Plugin Configuration Injection Vulnerability
>MOPS-2010-019: Serendipity WYSIWYG Editor Plugin Configuration Injection

These two are combined into a single CVE:

CVE-2010-1916


>MOPS-2010-018: EFront ask_chat chatrooms_ID SQL Injection Vulnerability

CVE-2010-1918


>MOPS-2010-017: PHP preg_quote() Interruption Information Leak

CVE-2010-1915


>MOPS-2010-016: PHP ZEND_SR Opcode Interruption Address Information Leak 
>MOPS-2010-015: PHP ZEND_SL Opcode Interruption Address Information Leak 
>MOPS-2010-014: PHP ZEND_BW_XOR Opcode Interruption Address Information

These three are combined into a single CVE:

CVE-2010-1914


- Steve
[prev in list] [next in list] [prev in thread] [next in thread]