[Git][security-tracker-team/security-tracker][master] Add CVE-2018-2059{2,3}/mxml issues

Tue, 01 Jan 2019 08:10:46 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9cb92ff7 by Salvatore Bonaccorso at 2019-01-01T16:09:32Z
Add CVE-2018-2059{2,3}/mxml issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -282,9 +282,19 @@ CVE-2018-20595 (A CSRF issue was discovered in ...)
 CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS 
...)
        NOT-FOR-US: hsweb
 CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer 
overflow in ...)
-       TODO: check
+       - mxml <unfixed>
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt.err
 (error output)
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt.err
 (error output)
+       NOTE: https://github.com/michaelrsweet/mxml/issues/237
 CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the 
mxmlAdd ...)
-       TODO: check
+       - mxml <unfixed>
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt.err
 (error output)
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt
+       NOTE: 
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt.err
 (error output)
+       NOTE: https://github.com/michaelrsweet/mxml/issues/237
 CVE-2018-20591 (A heap-based buffer over-read was discovered in decompileJUMP 
function ...)
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/168



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cb92ff73e764f6ace01d2e91f4e0a59b0470f51

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cb92ff73e764f6ace01d2e91f4e0a59b0470f51
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to