Author: carnil Date: 2014-01-10 02:44:52 +0000 (Fri, 10 Jan 2014) New Revision: 25135
Modified: data/CVE/list Log: Add CVE-2013-7285/libxstream-java Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-01-10 02:34:18 UTC (rev 25134) +++ data/CVE/list 2014-01-10 02:44:52 UTC (rev 25135) @@ -386,6 +386,11 @@ RESERVED CVE-2014-0790 RESERVED +CVE-2013-7285 [remote code execution via deserialization in XStream] + - libxstream-java <unfixed> + NOTE: http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html + NOTE: http://markmail.org/message/kfqoqdfj5fnup5co?q=list:org.codehaus.xstream.dev&page=3 + NOTE: initial patch: https://fisheye.codehaus.org/changelog/xstream?cs=2210 CVE-2013-7284 [libplrpc-perl remote code execution due to Storable] - libplrpc-perl <unfixed> (high; bug #734789) NOTE: Upstream appears dead. _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits