[Secure-testing-commits] r4880 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Tue Oct 24 20:54:11 UTC 2006
Author: stef-guest
Date: 2006-10-24 20:54:10 +0000 (Tue, 24 Oct 2006)
New Revision: 4880
Modified:
data/CVE/list
Log:
- CVE-2006-5330: new flashplugin-nonfree issue (medium)
- CVE-2006-545[3-5]: new bugzilla issues (low)
- new drupal XSS and XSRF (low)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-24 20:15:36 UTC (rev 4879)
+++ data/CVE/list 2006-10-24 20:54:10 UTC (rev 4880)
@@ -1,5 +1,7 @@
CVE-2006-XXXX [serendipity XSS for registered authors]
- serendipity 1.0.2-1 (low)
+CVE-2006-XXXX [drupal XSS and XSRF http://secunia.com/advisories/22486/]
+ - drupal <unfixed> (low)
CVE-2006-5460 (** DISPUTED ** ...)
TODO: check
CVE-2006-5459 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
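Review bot: The added drupal entry puts the advisory URL inside the bracketed title of a CVE-2006-XXXX placeholder, so the Secunia link is the only handle for matching this entry to a CVE id once one is assigned. Consider moving the URL to its own indented annotation line under the entry, the way the TODO: lines in this file sit under theirs, and keeping the title to "drupal XSS and XSRF".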
@@ -12,11 +14,11 @@
- graphicsmagick 1.1.7-9 (medium)
- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...)
- TODO: check
+ - bugzilla <unfixed> (bug filed; low)
CVE-2006-5454 (Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before ...)
- TODO: check
+ - bugzilla <unfixed> (bug filed; low)
CVE-2006-5453 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x ...)
- TODO: check
+ - bugzilla <unfixed> (bug filed; low)
CVE-2006-5452 (Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX ...)
TODO: check
CVE-2006-5451 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 ...)
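Review bot: The three bugzilla lines say "bug filed" without a bug number, while the imagemagick context line in this same hunk uses the "(bug #393025)" form. Recording the number in that form would let a reader follow each entry to its report, and would also make clear whether one report covers CVE-2006-5453 through CVE-2006-5455 or each has its own.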
@@ -267,7 +269,7 @@
CVE-2006-5331
RESERVED
CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 for ...)
- TODO: check
+ - flashplugin-nonfree <unfixed> (medium)
CVE-2006-5329
RESERVED
CVE-2006-5328 (OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and ...)
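Review bot: The flashplugin-nonfree line rates CVE-2006-5330 as medium but carries neither a bug number nor the "bug filed" marker used for the bugzilla entries in this commit, so it is not visible whether the issue has been reported to the package maintainer. If a report exists, reference it on this line; if none has been filed yet, a TODO annotation saying so would keep that from being lost.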