[Secure-testing-commits] r56780 - data/CVE

Salvatore Bonaccorso Tue, 17 Oct 2017 02:24:54 -0700

Author: carnil
Date: 2017-10-17 09:24:09 +0000 (Tue, 17 Oct 2017)
New Revision: 56780


Modified:
   data/CVE/list
Log:
Add CVE-2016-4461/libstruts1.2-java

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-17 09:21:12 UTC (rev 56779)
+++ data/CVE/list       2017-10-17 09:24:09 UTC (rev 56780)
@@ -61295,7 +61295,7 @@
 CVE-2016-4462 (By manipulating the URL parameter externalLoginKey, a 
malicious, ...)
        NOT-FOR-US: Apache OFBiz
 CVE-2016-4461 (Apache Struts 2.x before 2.3.29 allows remote attackers to 
execute ...)
-       TODO: check
+       - libstruts1.2-java <not-affected> (Vulnerable code not present, CVE 
for incomplete fix for CVE-2016-0785)
 CVE-2016-4460 (Apache Pony Mail 0.6c through 0.8b allows remote attackers to 
bypass ...)
        NOT-FOR-US: Apache Pony Mail
 CVE-2016-4459 (Stack-based buffer overflow in native/mod_manager/node.c in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56780 - data/CVE

Reply via email to