[Secure-testing-commits] r4047 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Mon May 22 19:59:40 UTC 2006
Author: alec-guest
Date: 2006-05-22 19:59:37 +0000 (Mon, 22 May 2006)
New Revision: 4047
Modified:
data/CVE/list
Log:
cross-domain cookie sharing in mozilla-based browsers and konqueror (low); never fixed, possibly wontfix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-22 17:25:24 UTC (rev 4046)
+++ data/CVE/list 2006-05-22 19:59:37 UTC (rev 4047)
@@ -4809,9 +4809,13 @@
CVE-2005-4686 (PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes ...)
NOT-FOR-US: PunBB
CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains when ...)
- TODO: check
+ NOTE: see CVE-2005-4684
+ - firefox <unfixed> (low)
+ - mozilla <unfixed> (low)
+ - xulrunner <unfixed> (low)
CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS ...)
- TODO: check
+ NOTE: http://cvs.fedora.redhat.com/viewcvs/fedora-security/audit/fc5?root=fedora&rev=1.172&view=markup says "ignore (kdebase) not fixed upstream, low, can't fix"
+ - kdebase <unfixed> (low)
CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...)
- migrationtools 46-2.1 (bug #338920; medium)
CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...)
More information about the Secure-testing-commits
mailing list