[Secure-testing-commits] r5142 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sun Dec 17 22:59:29 CET 2006 

Author: stef-guest
Date: 2006-12-17 22:59:27 +0100 (Sun, 17 Dec 2006)
New Revision: 5142

Modified:
   data/CVE/list
Log:
- CVE-2006-6508: new phpbb2 issue
- CVE-2006-6515: new mantis issue
- some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-17 21:12:24 UTC (rev 5141)
+++ data/CVE/list	2006-12-17 21:59:27 UTC (rev 5142)
@@ -91,13 +91,13 @@
 CVE-2006-6532 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite ...)
 	NOT-FOR-US: Vt-Forum Lite
 CVE-2006-6531 (Cross-site scripting (XSS) vulnerability in the Help Tip module before ...)
-	TODO: check
+	NOT-FOR-US: Help Tip module for Drupal
 CVE-2006-6530 (SQL injection vulnerability in the Help Tip module before 4.7.x-1.0 ...)
-	TODO: check
+	NOT-FOR-US: Help Tip module for Drupal
 CVE-2006-6529 (The Chatroom Module before 4.7.x.-1.0 for Drupal displays private ...)
-	TODO: check
+	NOT-FOR-US: Chatroom Module for Drupal
 CVE-2006-6528 (The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom ...)
-	TODO: check
+	NOT-FOR-US: Chatroom Module for Drupal
 CVE-2006-6527 (PHP remote file inclusion vulnerability in guest.php in Gizzar ...)
 	NOT-FOR-US: Gizzar
 CVE-2006-6526 (PHP remote file inclusion vulnerability in index.php in Gizzar ...)
@@ -123,7 +123,7 @@
 CVE-2006-6516 (Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and ...)
 	NOT-FOR-US: KDPics
 CVE-2006-6515 (Mantis before 1.1.0a2 sets the default value of ...)
-	TODO: check
+	- mantis <unfixed>
 CVE-2006-6514 (Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient ...)
 	NOT-FOR-US: Winamp Web Interface (Wawi)
 CVE-2006-6513 (The CControl::Download function (/dl URI) in Winamp Web Interface ...)
@@ -137,7 +137,7 @@
 CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in ...)
 	NOT-FOR-US: SiteKiosk
 CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...)
-	TODO: check
+	- phpbb2 <unfixed> (bug #402140)
 CVE-2006-6507
 	RESERVED
 CVE-2006-6506

More information about the Secure-testing-commits mailing list