[Secure-testing-commits] r2628 - data/CVE
Florian Weimer
fw at costa.debian.org
Mon Oct 31 21:24:26 UTC 2005
Author: fw
Date: 2005-10-31 21:24:21 +0000 (Mon, 31 Oct 2005)
New Revision: 2628
Modified:
data/CVE/list
Log:
Bug number for PHP 5.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-10-31 20:02:34 UTC (rev 2627)
+++ data/CVE/list 2005-10-31 21:24:21 UTC (rev 2628)
@@ -1,15 +1,15 @@
CVE-2005-XXXX [generic XSS vulnerability in PHP's phpinfo function]
{CVE-2002-1954}
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug filed; low)
+ - php5 <unfixed> (bug #336654; low)
NOTE: http://www.hardened-php.net/advisory_182005.77.html
CVE-2005-XXXX [PHP register_globals Activation Vulnerability in parse_str]
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug filed; low)
+ - php5 <unfixed> (bug #336654; low)
NOTE: http://www.hardened-php.net/advisory_192005.78.html
CVE-2005-XXXX [PHP File-Upload $GLOBALS Overwrite Vulnerability]
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug filed; high)
+ - php5 <unfixed> (bug #336654; high)
NOTE: http://www.hardened-php.net/advisory_202005.79.html
NOTE: http://www.hardened-php.net/globals-problem
CVE-2005-XXXX [phpBB issues fixed in 2.0.18]
@@ -4589,7 +4589,7 @@
NOTE: log the developers seem unwilling to fix this, as it only affects a debug
NOTE: function.
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug filed; low)
+ - php5 <unfixed> (bug #336654; low)
CVE-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant ...)
NOT-FOR-US: AIM
CVE-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL ...)
More information about the Secure-testing-commits
mailing list