[Secure-testing-commits] r3711 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Mar 29 22:50:56 UTC 2006
Author: jmm-guest
Date: 2006-03-29 22:50:49 +0000 (Wed, 29 Mar 2006)
New Revision: 3711
Modified:
data/CVE/list
Log:
new critical horde issue
new minor php info leak
libimager CVEfied
bugnums
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-29 09:14:24 UTC (rev 3710)
+++ data/CVE/list 2006-03-29 22:50:49 UTC (rev 3711)
@@ -1,3 +1,8 @@
+CVE-2006-1491 [horde3 eval injection()]
+ - horde3 <unfixed>
+CVE-2006-1490 [PHP information leak]
+ - php5 <unfixed> (bug #359904; low)
+ - php4 <unfixed> (bug #359907; low)
CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...)
TODO: check
CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...)
@@ -195,6 +200,7 @@
CVE-2006-XXXX [libimager-perl DoS]
- libimager-perl <unfixed> (bug #359661)
NOTE: requested ID from Joey
+>>>>>>> .r3710
CVE-2006-1396 (Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL ...)
TODO: check
CVE-2006-1395 (SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message ...)
@@ -1277,7 +1283,7 @@
CVE-2006-0904
RESERVED
CVE-2006-0903 (MySQL 5.0.18 and earlier allows local users to bypass logging ...)
- - mysql-dfsg-5.0 <unfixed> (bug filed)
+ - mysql-dfsg-5.0 <unfixed> (bug #359701)
CVE-2006-0902
RESERVED
CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and ...)
@@ -3478,8 +3484,9 @@
- imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
NOTE: Exploitable through Gnus and Thunderbird.
- graphicsmagick 1.1.7-1
-CVE-2006-0053
+CVE-2006-0053 [libimager-perl DoS]
RESERVED
+ - libimager-perl <unfixed> (bug #359661)
CVE-2006-0052 [Scrubber.py mailman dos]
RESERVED
- mailman <unfixed> (bug #358892)
@@ -4379,7 +4386,7 @@
CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- nag2 2.0.4-1 (bug #342945; medium)
CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
- - horde3 3.0.9-1 (bug #342942; medium)
+ - horde3 3.0.9-1 (bug #342942; bug #354512; medium)
CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
{DSA-970-1}
- kronolith2 2.0.6-1 (bug #342943; medium)
More information about the Secure-testing-commits
mailing list