[Secure-testing-commits] r4646 - data/CVE
Sean Finney
seanius at costa.debian.org
Mon Aug 28 07:15:32 UTC 2006
Author: seanius
Date: 2006-08-28 07:15:27 +0000 (Mon, 28 Aug 2006)
New Revision: 4646
Modified:
data/CVE/list
Log:
a few more no-dsa's
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-28 06:43:08 UTC (rev 4645)
+++ data/CVE/list 2006-08-28 07:15:27 UTC (rev 4646)
@@ -6689,6 +6689,7 @@
CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions ...)
- php5 5.1.4-0.1 (bug #359907; low)
- php4 4:4.4.2-1.1 (bug #359904; low)
+ [sarge] - php4 <no-dsa> (Application's responsibility to sanitize input)
CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...)
NOT-FOR-US: ActiveCampaign SupportTrio
CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...)
@@ -7760,13 +7761,11 @@
CVE-2006-1015 (Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x ...)
- php5 5.1.4-0.1 (bug #368595; low)
- php4 <unfixed> (bug #368592; low)
- NOTE: is this really a vulnerability in php? it seems it should be a bug
- NOTE: in any application that doesn't check input before passing it along.
+ [sarge] - php4 <no-dsa> (Application's job to sanitize input)
CVE-2006-1014 (Argument injection vulnerability in certain PHP 4.x and 5.x ...)
- php5 5.1.4-0.1 (bug #368595; low)
- php4 <unfixed> (bug #368592; low)
- NOTE: is this really a vulnerability in php? it seems it should be a bug
- NOTE: in any application that doesn't check input before passing it along.
+ [sarge] - php4 <no-dsa> (Application's job to sanitize input)
CVE-2006-1013 (PHP remote file include vulnerability in index.php in SMartBlog (aka ...)
NOT-FOR-US: SMartBlog
CVE-2006-1012 (SQL injection vulnerability in WordPress 1.5.2, and possibly other ...)
More information about the Secure-testing-commits
mailing list