[Secure-testing-commits] r3984 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Fri May 19 18:24:02 UTC 2006
Author: alec-guest
Date: 2006-05-19 18:23:58 +0000 (Fri, 19 May 2006)
New Revision: 3984
Modified:
data/CVE/list
Log:
* two new phpMyAdmin CVEs
* many NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-19 16:08:02 UTC (rev 3983)
+++ data/CVE/list 2006-05-19 18:23:58 UTC (rev 3984)
@@ -57,30 +57,30 @@
CVE-2006-2427 (freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h ...)
- clamav <not-affected> (clamav-freshclam doesn't ship freshclam setuid or setgid)
CVE-2006-2426 (Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 ...)
- TODO: check
+ NOT-FOR-US: in non-free
CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in ...)
- TODO: check
+ NOT-FOR-US: phpRemoteView
CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and ...)
- TODO: check
+ NOT-FOR-US: ezUserManager
CVE-2006-2423 (Cross-site scripting (XSS) vulnerability in ftplogin/index.php in ...)
- TODO: check
+ NOT-FOR-US: Confixx
CVE-2006-2422 (phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, ...)
- TODO: check
+ NOT-FOR-US: phpCOIN
CVE-2006-2421 (Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows ...)
- TODO: check
+ NOT-FOR-US: Pragma
CVE-2006-2420 (Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows ...)
NOTE: "this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it."
- bugzilla <unfixed> (unimportant)
CVE-2006-2419 (Cross-site scripting (XSS) vulnerability in index.php in Directory ...)
- TODO: check
+ NOT-FOR-US: Directory Listing Script
CVE-2006-2418 (Cross-site scripting (XSS) vulnerabilities in certain versions of ...)
- TODO: check
+ - phpmyadmin <unfixed> (medium)
CVE-2006-2417 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before ...)
- TODO: check
+ - phpmyadmin <unfixed> (medium)
CVE-2006-2416 (SQL injection vulnerability in class2.php in e107 0.7.2 and earlier ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2006-2415 (Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 ...)
- TODO: check
+ NOT-FOR-US: FlexChat
CVE-2006-2414 (Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows ...)
TODO: check
CVE-2006-2413 (GNUnet before SVN revision 2781 allows remote attackers to cause a ...)
More information about the Secure-testing-commits
mailing list