[Secure-testing-commits] r3366 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Jan 25 13:49:15 UTC 2006
Author: jmm-guest
Date: 2006-01-25 13:49:10 +0000 (Wed, 25 Jan 2006)
New Revision: 3366
Modified:
data/CVE/list
Log:
new issues in gallery and ecartis
unimportant typo3 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-25 13:40:42 UTC (rev 3365)
+++ data/CVE/list 2006-01-25 13:49:10 UTC (rev 3366)
@@ -89,17 +89,18 @@
CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...)
TODO: check
CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...)
- TODO: check
+ - ecartis <unfixed> (medium; bug #348824)
CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...)
TODO: check
CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 ...)
- TODO: check
+ - gallery 1.5.2-1
CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, ...)
TODO: check
CVE-2006-0328 (Format string vulnerability in Tftpd32 2.81 allows remote attackers to ...)
TODO: check
CVE-2006-0327 (TYPO3 3.7.1 allows remote attackers to obtain sensitive information ...)
- TODO: check
+ - typo3-src <unfixed> (unimportant)
+ NOTE: Only path disclosure
CVE-2006-0326
RESERVED
CVE-2006-0325 (Etomite Content Management System 0.6, and possibly earlier versions, ...)
@@ -14106,7 +14107,7 @@
CVE-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive ...)
- phpbb2 <unfixed> (unimportant)
CVE-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...)
- NOT-FOR-US: Typo3
+ NOT-FOR-US: Typo3 extension
CVE-2005-0657 (Directory traversal vulnerability in Computalynx CProxy 3.3.x and ...)
NOT-FOR-US: Computalynx CProxy
CVE-2005-0656 (Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 ...)
More information about the Secure-testing-commits
mailing list