[Secure-testing-commits] r5013 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Mon Nov 27 21:47:55 CET 2006
Author: stef-guest
Date: 2006-11-27 21:47:54 +0100 (Mon, 27 Nov 2006)
New Revision: 5013
Modified:
data/CVE/list
Log:
- CVE-2006-5823, CVE-2006-6128: new linux issues
- CVE-2006-6122: new tin issue already fixed
- CVE-2006-5869: new pstotext issue already fixed
- some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-27 20:15:17 UTC (rev 5012)
+++ data/CVE/list 2006-11-27 20:47:54 UTC (rev 5013)
@@ -1,5 +1,5 @@
CVE-2006-XXXX [tikiwiki script insertion vulnerability]
- - tikiwiki 1.9.7+dfsg-1
+ - tikiwiki 1.9.7+dfsg-1 (low)
CVE-2006-XXXX [several security issues in phpmyadmin]
- phpmyadmin 4:2.9.1.1-1 (bug #399329)
NOTE: PMASA-2006-7, PMASA-2006-8, PMASA-2006-9
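Review bot: the urgency added to the tikiwiki line ("- tikiwiki 1.9.7+dfsg-1 (low)") is not mentioned in the commit log, and the entry has no bug reference or NOTE, unlike the phpmyadmin entry below it (bug #399329). Suggest adding a NOTE naming the source of the report so the "low" rating can be rechecked once a real id replaces CVE-2006-XXXX.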
@@ -10,43 +10,43 @@
CVE-2006-XXXX [arbitrary code execution in metaInfo.php in torrentflux]
- torrentflux <unfixed> (bug #400582; medium)
CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
- TODO: check
+ - linux-2.6 <unfixed> (low)
CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2006-6125 (Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) ...)
- TODO: check
+ NOT-FOR-US: NetGear
CVE-2006-6124 (Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server ...)
- TODO: check
+ NOT-FOR-US: SeleniumServer Web Server
CVE-2006-6123 (Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery (CPG)
CVE-2006-6122 (Multiple buffer overflows in TIN before 1.8.2 have unspecified impact ...)
- TODO: check
+ - tin 1:1.8.2-1
CVE-2006-6121 (Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Acer
CVE-2006-6120
RESERVED
CVE-2006-6119 (mmgallery 1.55 allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: mmgallery
CVE-2006-6118 (Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery ...)
- TODO: check
+ NOT-FOR-US: mmgallery
CVE-2006-6117 (SQL injection vulnerability in index1.asp in fipsGallery 1.5 and ...)
- TODO: check
+ NOT-FOR-US: fipsGallery
CVE-2006-6116 (SQL injection vulnerability in default2.asp in fipsForum 2.6 and ...)
- TODO: check
+ NOT-FOR-US: fipsForum
CVE-2006-6115 (SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier ...)
- TODO: check
+ NOT-FOR-US: fipsCMS
CVE-2006-6114 (Buffer overflow in NWSPOOL.DLL in Novell Client 4.91 Post-SP3 for ...)
- TODO: check
+ NOT-FOR-US: Novell
CVE-2006-6113
RESERVED
CVE-2006-6112
RESERVED
CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 ...)
- TODO: check
+ NOT-FOR-US: Alan Ward A-Cart Pro
CVE-2006-6110 (Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech ...)
TODO: check
CVE-2006-6109 (Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 ...)
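Review bot: CVE-2006-6128 is marked "- linux-2.6 <unfixed> (low)" with no bug number or NOTE, while the torrentflux entry at the top of this hunk uses the fuller form "(bug #400582; medium)". An unfixed kernel entry is easier to track with a bug reference or a NOTE giving the reason for the low urgency. Separately, CVE-2006-6110 at the end of the hunk stays "TODO: check" although every other non-reserved id from CVE-2006-6111 to CVE-2006-6129 was triaged here; worth confirming that was intentional.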
@@ -548,7 +548,7 @@
CVE-2006-5870
RESERVED
CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ...)
- TODO: check
+ - pstotext 1.9-4
CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...)
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.11
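Review bot: the description for CVE-2006-5869 says "pstotext before 1.9", but the entry records 1.9-4 as the fixed version, with no bug reference or NOTE. If 1.9-4 is the first upload that carries the fix, a short NOTE saying where the fix came from would let a later reader verify the version.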
@@ -640,7 +640,7 @@
CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows ...)
TODO: check
CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local users to ...)
- TODO: check
+ - linux-2.6 <unfixed>
CVE-2006-5822
RESERVED
CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ...)
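Review bot: CVE-2006-5823 is set to "- linux-2.6 <unfixed>" with no urgency, whereas the other kernel issue in this commit, CVE-2006-6128, gets "(low)". Both are listed in the log as new linux issues, so either add an urgency here or a NOTE explaining why it is left unrated, plus a bug reference if one exists.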