[Secure-testing-commits] r3735 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Apr 3 12:31:19 UTC 2006
Author: jmm-guest
Date: 2006-04-03 12:31:12 +0000 (Mon, 03 Apr 2006)
New Revision: 3735
Modified:
data/CVE/list
Log:
new tcpick issue
bugnums
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-03 09:59:18 UTC (rev 3734)
+++ data/CVE/list 2006-04-03 12:31:12 UTC (rev 3735)
@@ -1,9 +1,9 @@
CVE-2006-1548 [struts xss]
- - libstruts1.2-java <unfixed> (bug filed)
+ - libstruts1.2-java <unfixed> (bug #360551)
CVE-2006-1547 [struts dos]
- - libstruts1.2-java <unfixed> (bug filed)
+ - libstruts1.2-java <unfixed> (bug #360551)
CVE-2006-1546 [struts validation bypass]
- - libstruts1.2-java <unfixed> (bug filed)
+ - libstruts1.2-java <unfixed> (bug #360551)
CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...)
TODO: check
CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
@@ -139,7 +139,7 @@
- hamlib <unfixed> (bug #358166; low)
[sarge] - hamlib <no-dsa> (Only exploitable with strange user name)
CVE-2006-1550 [dia buffer overflow in xfig import]
- - dia 0.94.0-18
+ - dia 0.94.0-18 (bug #360566)
CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)
- mediawiki 1.4.15-1
- mediawiki1.5 1.5.8-1
@@ -3642,8 +3642,9 @@
CVE-2006-0049 (gpg in GnuPG before 1.4.2.2 does not properly verify non-detached ...)
{DSA-993-2}
- gnupg 1.4.2.2-1 (bug #356125; medium)
-CVE-2006-0048
+CVE-2006-0048 [tcpick dos]
RESERVED
+ - tcpick <unfixed> (bug #360571; medium)
CVE-2006-0047 (packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause ...)
{DSA-994-1}
- freeciv 2.0.8-1 (medium; bug #355211)
More information about the Secure-testing-commits
mailing list