[Secure-testing-commits] r5177 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Dec 25 23:19:56 CET 2006
Author: jmm-guest
Date: 2006-12-25 23:19:54 +0100 (Mon, 25 Dec 2006)
New Revision: 5177
Modified:
data/CVE/list
Log:
netrik fixed
two no-dsas
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-25 20:30:27 UTC (rev 5176)
+++ data/CVE/list 2006-12-25 22:19:54 UTC (rev 5177)
@@ -1,5 +1,6 @@
CVE-2006-XXXX [insecure rpath in libflash-mozplugin]
- libflash 0.4.13-9 (low; bug #399508)
+ [etch] - libflash <no-dsa> (Not exploitable through directory writable by an unprivileged user)
CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...)
NOT-FOR-US: Oracle
CVE-2006-6696 (Double-free vulnerability in Microsoft Windows 2000, XP, 2003, and ...)
@@ -40,7 +41,7 @@
CVE-2006-6679 (Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For ...)
- chetcpasswd <removed> (medium)
CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier ...)
- - netrik <unfixed> (medium; bug #404233)
+ - netrik 1.15.3-1.1 (medium; bug #404233)
CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...)
NOT-FOR-US: ESET NOD32 Antivirus
CVE-2006-6676 (Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote ...)
@@ -200,6 +201,7 @@
NOT-FOR-US: Activity Games module for mxBB
CVE-2006-6614 (The save_log_local function in Fully Automatic Installation (FAI) ...)
- fai 3.1.3 (low; bug #402644)
+ [sarge] - fai <no-dsa> (Minor issue, only in rare configs and use cases)
CVE-2006-6613 (Directory traversal vulnerability in language.php in phpAlbum 0.4.1 ...)
NOT-FOR-US: phpAlbum
CVE-2006-6612 (PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms ...)
More information about the Secure-testing-commits
mailing list