[Secure-testing-commits] r5274 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Tue Jan 16 20:57:33 CET 2007
Author: stef-guest
Date: 2007-01-16 20:57:30 +0100 (Tue, 16 Jan 2007)
New Revision: 5274
Modified:
data/CVE/list
Log:
- new gosa issue fixed
- mediawiki fixed
- phpbb2 fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-16 19:02:39 UTC (rev 5273)
+++ data/CVE/list 2007-01-16 19:57:30 UTC (rev 5274)
@@ -1,3 +1,5 @@
+CVE-2007-XXXX [gosa unspecified issue]
+ - gosa 2.5.8-1
CVE-2007-XXXX [Denial of Service Vulnerabilities]
- squid 2.6.5-3 (low)
TODO: check if version 2.5.9-10sarge2 have comprimised code.
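Review bot: The new `CVE-2007-XXXX [gosa unspecified issue]` entry records only the fixed version `2.5.8-1`, with no bug number, no urgency, and no NOTE saying where the issue was reported. Without a source it will be hard to match this placeholder to a CVE id once one is assigned, or to check the fix. Consider adding a NOTE line naming the source (changelog entry or upstream announcement) and an urgency, as the squid entry below it has.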
@@ -82,7 +84,7 @@
CVE-2007-0178 (PHP remote file inclusion vulnerability in info.php in Easy Banner Pro ...)
NOT-FOR-US: Easy Banner Pro
CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in ...)
- - mediawiki <unfixed> (bug #406238; medium)
+ - mediawiki 1.7.1-6 (bug #406238; medium)
NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
TODO: check
@@ -597,11 +599,11 @@
CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...)
NOT-FOR-US: Acronym Mod for phpBB2
CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has ...)
- - phpbb2 <unfixed> (bug #405980)
+ - phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
- - phpbb2 <unfixed> (bug #405980)
+ - phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
- - phpbb2 <unfixed> (bug #405980)
+ - phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...)
NOT-FOR-US: Rediff Bol Downloader ActiveX (OCX) control
CVE-2006-6837 (Multiple stack-based buffer overflows in the (1) LoadTree, (2) ...)
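Review bot: CVE-2006-6841, CVE-2006-6840 and CVE-2006-6839 are all described as affecting phpBB before 2.0.22, yet they are marked fixed in `2.0.21-6`, which implies the fixes were backported. For the two "Unspecified vulnerability" entries in particular, a NOTE stating which patch was backported, or that the fix was confirmed in bug #405980, would let a reader verify the status. These three lines also carry no urgency.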
@@ -1629,7 +1631,7 @@
CVE-2006-6422 (Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle ...)
NOT-FOR-US: AgileBill AgileVoice
CVE-2006-6421 (Cross-site scripting (XSS) vulnerability in the private message box ...)
- - phpbb2 <unfixed> (medium)
+ - phpbb2 2.0.21-6 (medium)
[sarge] - phpbb2 <not-affected>
CVE-2006-6420 (Multiple cross-site scripting (XSS) vulnerabilities in jce.php in the ...)
NOT-FOR-US: Joomla Content Editor (JCE)
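Review bot: The CVE-2006-6421 line is moved to `2.0.21-6` without a bug reference, while the other phpbb2 entries set to the same version in this commit cite bug #405980. If this XSS was handled in that report too, add the reference here; otherwise a NOTE pointing at the fix would help.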