In the PHP entry, replace mod-php with mod_php [1].

Rewrite the win32-codecs entry to even better explain the vulnerability [2]. Noticed by: Dan Langille (with FreshPorts.org) [1] Discussed with: simon [2]
svn path=/head/; revision=173049
2024-12-12 03:00:28 +00:00 · 2006-09-14 14:26:44 +00:00 · 2006-09-14 14:26:44 +00:00 · de9bbc685d · 2021-03-31 03:12:20 +00:00
commit de9bbc685d
parent 9eadea80fd
1 changed files with 9 additions and 8 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -47,12 +47,13 @@ Note:  Please add new entries to the beginning of this file.
 	<p>The Apple Security Team reports that there are multiple
 	  vulnerabilities within QuickTime (one of the plugins for
 	  win32-codecs).  A remote attacker capable of creating a
-	  malicious SGI image, FlashPix, FLC movie, or a Quicktime
-	  movie can possibly execute remote code via the users browser.
-	  The vulnerabilities can also lead to a Denial of Service
-	  (application crash).</p>
-	<p>Users who have QuickTime as a browser plugin might be
-	  directly affected by the remote code execution.</p>
+	  malicious SGI image, FlashPix, FLC movie, or a QuickTime
+	  movie can possibly lead to execution of arbitrary code or
+	  cause a Denial of Service (application crash).</p>
+	<p>Users who have QuickTime (/win32-codecs) as a browser plugin
+	  may be vulnerable to remote code execution by visiting a
+	  website containing a malicious SGI image, FlashPix, FLC movie
+	  or a QuickTime movie.</p>
      </body>
    </description>
    <references>
@ -91,8 +92,8 @@ Note:  Please add new entries to the beginning of this file.
 	<name>php5-horde</name>
 	<name>php4-nms</name>
 	<name>php5-nms</name>
-	<name>mod-php4</name>
-	<name>mod-php5</name>
+	<name>mod_php4</name>
+	<name>mod_php5</name>
 	<range><ge>0</ge></range>
      </package>
    </affects>