Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9cb92ff7 by Salvatore Bonaccorso at 2019-01-01T16:09:32Z
Add CVE-2018-2059{2,3}/mxml issues

- - - - -

1 changed file:
- data/CVE/list

Changes:
=====================================
data/CVE/list
=====================================
@@ -282,9 +282,19 @@ CVE-2018-20595 (A CSRF issue was discovered in ...) CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS ...) NOT-FOR-US: hsweb CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in ...) - TODO: check + - mxml <unfixed> + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt.err (error output) + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2987_1.txt.err (error output) + NOTE: https://github.com/michaelrsweet/mxml/issues/237 CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd ...) - TODO: check + - mxml <unfixed> + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt.err (error output) + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt + NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_2.txt.err (error output) + NOTE: https://github.com/michaelrsweet/mxml/issues/237 CVE-2018-20591 (A heap-based buffer over-read was discovered in decompileJUMP function ...) - ming <removed> NOTE: https://github.com/libming/libming/issues/168
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9cb92ff73e764f6ace01d2e91f4e0a59b0470f51
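Review bot: The NOTE URLs added under CVE-2018-20593 and CVE-2018-20592 all reference blob/master in ntu-sec/pocs, so the crash evidence becomes unreachable if that repository is reorganised; pinning them to a commit permalink would keep the references stable. For CVE-2018-20593 the crash file names point at mxmldoc.c (2971 and 2987), so a short NOTE recording whether the overflow is confined to mxmldoc.c or also reachable through the library would help when severity is assessed. The PoC directory is named mxml-53c75b0 while the description says v2.12; noting which of the two was actually tested would make it easier to decide which packaged versions are affected. Both entries are marked <unfixed> without a bug reference, so a bug number should be added to each line once one is filed.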