[Secure-testing-commits] r5169 - data/CVE
Florian Weimer
fw at alioth.debian.org
Mon Dec 25 11:02:29 CET 2006
Author: fw
Date: 2006-12-25 11:02:26 +0100 (Mon, 25 Dec 2006)
New Revision: 5169
Modified:
data/CVE/list
Log:
CVE-2006-6625, CVE-2006-6626: moodle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-25 09:49:33 UTC (rev 5168)
+++ data/CVE/list 2006-12-25 10:02:26 UTC (rev 5169)
@@ -172,9 +172,12 @@
CVE-2006-6627 (Integer overflow in the packed PE file parsing implementation in ...)
NOT-FOR-US: BitDefender
CVE-2006-6626 (Cross-site scripting (XSS) vulnerability in an unspecified component ...)
- TODO: check
+ - moodle 1.6-1
+ NOTE: Does not affect moodle 1.6 according to SecurityFocus.
CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in ...)
- TODO: check
+ - moodle <unfixed> (low)
+ NOTE: "SC#341 fixed initilaization of navtail variable"
+ NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log
CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...)
NOT-FOR-US: Sambar
CVE-2006-6623 (Sygate Personal Firewall 5.6.2808 relies on the Process Environment ...)
More information about the Secure-testing-commits
mailing list