[Secure-testing-commits] r3588 - data/CVE

SALVETTI Djoumé djoume-guest at costa.debian.org
Fri Mar 10 20:35:52 UTC 2006 

Author: djoume-guest
Date: 2006-03-10 20:35:44 +0000 (Fri, 10 Mar 2006)
New Revision: 3588

Modified:
   data/CVE/list
Log:
* some NFUs
* flex issue, I'm looking for someone aware about the 
coordination with ubuntu about this issue.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-03-10 20:19:26 UTC (rev 3587)
+++ data/CVE/list	2006-03-10 20:35:44 UTC (rev 3588)
@@ -313,28 +313,32 @@
 	NOT-FOR-US: Jay Eckles CGI Calendar
 CVE-2006-0979 (Unspecified vulnerability in the local weblog publisher in Nidelven IT ...)
 	NOT-FOR-US: Nidelven IT Issue Dealer
-begin claimed by djoume
 CVE-2006-0978 (Multiple cross-site scripting (XSS) vulnerabilities in the View ...)
-	TODO: check
+	NOT-FOR-US: ArGoSoft Mail Server
 CVE-2006-0977 (Craig Morrison Mail Transport System Professional (aka MTS Pro) acts ...)
-	TODO: check
+	NOT-FOR-US: MTS Pro
 CVE-2006-0976 (Directory traversal vulnerability in scan_lang_insert.php in Boris ...)
-	TODO: check
+	NOT-FOR-US: SPiD
 CVE-2006-0975 (Multiple unspecified vulnerabilities in Will Estes and John Millaway ...)
-	TODO: check
+	- flex 2.5.33-1
+	NOTE: There are other package affected by this vulnerability
+	NOTE: Martin Pitt has built a list for ubuntu and also mentionned that
+	NOTE: "Coordination with Debian has happened". 
+	NOTE: Could someone aware about this please update this entry?
+	NOTE: See : https://launchpad.net/distros/ubuntu/+source/flex/+bug/30940
 CVE-2006-0974 (Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe ...)
-	TODO: check
+	NOT-FOR-US: bttlxeForum 2.0
 CVE-2006-0973 (SQL injection vulnerability in topics.php in Appalachian State ...)
-	TODO: check
+	NOT-FOR-US: phpWebSite
 CVE-2006-0972 (SQL injection vulnerability in news.php in Tony Baird Fantastic News ...)
-	TODO: check
+	NOT-FOR-US: Tony Baird Fantastic News
 CVE-2006-0971 (Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b ...)
-	TODO: check
+	NOT-FOR-US: DirectContact
 CVE-2006-0970 (PHP remote file inclusion vulnerability in index.php in one or more ...)
-	TODO: check
+	NOT-FOR-US: ActiveCampaign products
 CVE-2006-0969 (PHP remote file inclusion vulnerability in index.php in Top sites de ...)
-	TODO: check
-end claimed by djoume
+	NOT-FOR-US: PixelArtKingdom TopSites
+begin claimed by djoume
 CVE-2006-0968 (The ncprwsnt service in NCP Network Communication Secure Client 8.11 ...)
 	TODO: check
 CVE-2006-0967 (NCP Network Communication Secure Client 8.11 Build 146, and possibly ...)
@@ -377,6 +381,7 @@
 	TODO: check
 CVE-2006-0948
 	RESERVED
+end claimed by djoume
 CVE-2006-0947 (Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote ...)
 	TODO: check
 CVE-2006-0946 (Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems ...)

More information about the Secure-testing-commits mailing list