[Secure-testing-commits] r3830 - data/CVE

[Stefan Fritsch]

Author: stef-guest
Date: 2006-04-19 17:26:00 +0000 (Wed, 19 Apr 2006)
New Revision: 3830

Modified:
   data/CVE/list
Log:
new acid issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-19 16:01:23 UTC (rev 3829)
+++ data/CVE/list	2006-04-19 17:26:00 UTC (rev 3830)
@@ -607,23 +607,26 @@
 CVE-2006-1596 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: Claroline
 CVE-2006-1595 (Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in ...)
-	TODO: check
+	NOT-FOR-US: Claroline
 CVE-2006-1594 (Multiple directory traversal vulnerabilities in document/rqmkhtml.php ...)
-	TODO: check
+	NOT-FOR-US: Claroline
 CVE-2006-1593 (The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ...)
-	TODO: check
+	NOT-FOR-US: X-Doom, ZDaemon
+	NOTE: vulnerable functions don't exist in lxdoom, prboom
 CVE-2006-1592 (Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) ...)
-	TODO: check
+	NOT-FOR-US: X-Doom, ZDaemon
+	NOTE: vulnerable functions don't exist in lxdoom, prboom
 CVE-2006-1591 (Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Help 
 CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage ...)
-	TODO: check
+	- acidbase <unfixed> (bug filed)
+	- acidlab <unfixed> (bug filed)
 CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local ...)
-	TODO: check
+	NOT-FOR-US: NetBSD kernel
 CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not ...)
-	TODO: check
+	NOT-FOR-US: NetBSD kernel
 CVE-2006-1587 (NetBSD 1.6 up to 3.0, when a user has &quot;set record&quot; in .mailrc with the ...)
-	TODO: check
+	NOT-FOR-US: NetBSD
 CVE-2002-2210 (The installation of OpenOffice 1.0.1 allows local users to overwrite ...)
 	TODO: check
 CVE-2006-1614 (Integer overflow in the cli_scanpe function in the PE header parser ...)