[Secure-testing-commits] r4756 - data/CVE

Joey Hess joeyh at costa.debian.org
Fri Sep 22 09:14:26 UTC 2006 

Author: joeyh
Date: 2006-09-22 09:14:25 +0000 (Fri, 22 Sep 2006)
New Revision: 4756

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-21 21:57:25 UTC (rev 4755)
+++ data/CVE/list	2006-09-22 09:14:25 UTC (rev 4756)
@@ -1,3 +1,7 @@
+CVE-2006-4925
+	RESERVED
+CVE-2006-4924
+	RESERVED
 CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat ...)
 	NOT-FOR-US: eSyndiCat Portal System
 CVE-2006-4922 (Unrestricted file upload vulnerability in ...)
@@ -951,7 +955,7 @@
 	NOT-FOR-US: ExBB Italia
 CVE-2006-4487 (DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web ...)
 	NOT-FOR-US: DUpoll
-CVE-2006-4486 (Unspecified vulnerability in PHP before 5.1.6, when running on a ...)
+CVE-2006-4486 (Integer overflow in memory allocation routines in PHP before 5.1.6, ...)
 	- php5 5.1.6-1
 	- php4 4:4.4.4-1
 CVE-2006-4485 (The stripos function in PHP before 5.1.5 has unknown impact and attack ...)
@@ -2040,7 +2044,7 @@
 	NOT-FOR-US: Knusperleicht Guestbook
 CVE-2006-4007 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
 	NOT-FOR-US: Knusperleicht Faq
-CVE-2006-4006 (The do_gameinfo functionin BomberClone 0.11.6 and earlier, and ...)
+CVE-2006-4006 (The do_gameinfo function in BomberClone 0.11.6 and earlier, and ...)
 	{DSA-1780-1}
 	- bomberclone 0.11.7-1 (bug #382082; medium)
 CVE-2006-4005 (BomberClone 0.11.6 and earlier allows remote attackers to cause a ...)
@@ -3193,12 +3197,12 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft Internet ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3509
-	RESERVED
-CVE-2006-3508
-	RESERVED
-CVE-2006-3507
-	RESERVED
+CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on Apple ...)
+	TODO: check
+CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on Apple Mac ...)
+	TODO: check
+CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless driver ...)
+	TODO: check
 CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and ...)
 	NOT-FOR-US: Mac OS X
 CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to ...)

More information about the Secure-testing-commits mailing list