Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.64.1005111927060.21091@faron.mitre.org>
Date: Tue, 11 May 2010 19:31:45 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: Month of PHP Security 2010 Issues


Here is the latest round of CVE assignments for MOPS advisories.

>MOPS-2010-021: PHP fnmatch() Stack Exhaustion Vulnerability

CVE-2010-1917


>MOPS-2010-020: Xinha WYSIWYG Plugin Configuration Injection Vulnerability
>MOPS-2010-019: Serendipity WYSIWYG Editor Plugin Configuration Injection

These two are combined into a single CVE:

CVE-2010-1916


>MOPS-2010-018: EFront ask_chat chatrooms_ID SQL Injection Vulnerability

CVE-2010-1918


>MOPS-2010-017: PHP preg_quote() Interruption Information Leak

CVE-2010-1915


>MOPS-2010-016: PHP ZEND_SR Opcode Interruption Address Information Leak 
>MOPS-2010-015: PHP ZEND_SL Opcode Interruption Address Information Leak 
>MOPS-2010-014: PHP ZEND_BW_XOR Opcode Interruption Address Information

These three are combined into a single CVE:

CVE-2010-1914


- Steve

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.