[Secure-testing-commits] r4880 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Tue Oct 24 20:54:11 UTC 2006


Author: stef-guest
Date: 2006-10-24 20:54:10 +0000 (Tue, 24 Oct 2006)
New Revision: 4880

Modified:
   data/CVE/list
Log:
- CVE-2006-5330: new flashplugin-nonfree issue (medium)
- CVE-2006-545[3-5]: new bugzilla issues (low)
- new drupal XSS and XSRF (low)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-24 20:15:36 UTC (rev 4879)
+++ data/CVE/list	2006-10-24 20:54:10 UTC (rev 4880)
@@ -1,5 +1,7 @@
 CVE-2006-XXXX [serendipity XSS for registered authors]
 	- serendipity 1.0.2-1 (low)
+CVE-2006-XXXX [drupal XSS and XSRF http://secunia.com/advisories/22486/]
+	- drupal <unfixed> (low)
 CVE-2006-5460 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-5459 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
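Review bot: the added `CVE-2006-XXXX [drupal XSS and XSRF ...]` entry folds two different issue classes into one placeholder, and the Secunia URL sits inside the bracketed description. Consider one placeholder entry per issue, so that each can be matched to its own CVE id once ids are assigned. Keeping the advisory URL out of the title would also make the entry read like the serendipity one directly above it.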
@@ -12,11 +14,11 @@
 	- graphicsmagick 1.1.7-9 (medium)
 	- imagemagick 7:6.2.4.5.dfsg1-0.11 (bug #393025)
 CVE-2006-5455 (Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...)
-	TODO: check
+	- bugzilla <unfixed> (bug filed; low)
 CVE-2006-5454 (Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before ...)
-	TODO: check
+	- bugzilla <unfixed> (bug filed; low)
 CVE-2006-5453 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x ...)
-	TODO: check
+	- bugzilla <unfixed> (bug filed; low)
 CVE-2006-5452 (Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX ...)
 	TODO: check
 CVE-2006-5451 (Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 ...)
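Review bot: the three bugzilla lines say `bug filed` but give no bug number, whereas the imagemagick line in the same hunk's context uses `(bug #393025)`. Without the number, nobody can follow the entry to the report or tell whether all three CVEs share one bug. Suggest replacing `bug filed` with the actual `bug #NNNNNN` reference once it is known.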
@@ -267,7 +269,7 @@
 CVE-2006-5331
 	RESERVED
 CVE-2006-5330 (CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 for ...)
-	TODO: check
+	- flashplugin-nonfree <unfixed> (medium)
 CVE-2006-5329
 	RESERVED
 CVE-2006-5328 (OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and ...)
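Review bot: the new `- flashplugin-nonfree <unfixed> (medium)` line for CVE-2006-5330 has no bug reference at all, while the bugzilla entries changed in this same commit at least note `bug filed`. If a bug has been filed against flashplugin-nonfree, add its number here. If not, it is worth filing one, since this is the only entry in the commit rated medium.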



