[Secure-testing-commits] r5845 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Wed May 16 17:25:48 UTC 2007
Author: jmm-guest
Date: 2007-05-16 17:25:47 +0000 (Wed, 16 May 2007)
New Revision: 5845
Modified:
data/CVE/list
Log:
new kernel issue
elinks no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-16 09:14:15 UTC (rev 5844)
+++ data/CVE/list 2007-05-16 17:25:47 UTC (rev 5845)
@@ -1,3 +1,5 @@
+CVE-2006-7203 [mount compat local DoS]
+ - linux-2.6 <unfixed> (low)
CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX control ...)
NOT-FOR-US: Office Viewer OCX ActiveX
CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote ...)
@@ -1208,6 +1210,9 @@
- freeradius <unfixed> (low)
CVE-2007-2027 (Untrusted search path vulnerability in the add_filename_to_string ...)
- elinks 0.11.1-1.4 (bug #417789; low)
+ [sarge] - elinks <no-dsa> (Hardly exploitable)
+ [etch] - elinks <no-dsa> (Hardly exploitable)
+ NOTE: Unrealistic attack vector, no evidence code injection is possible
CVE-2007-2026 (The gnu regular expression code in file 4.20 allows context-dependent ...)
- file <unfixed> (low)
[sarge] - file <not-affected> (version too old)
@@ -18804,7 +18809,7 @@
CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...)
- php4 <unfixed> (bug #361854; unimportant)
- php5 <unfixed> (bug #361917; unimportant)
- [sarge] - php4 <no-dsa> (there are easier ways to segfault your own program)
+ [sarge] - php4 <no-dsa> (there are easier ways to segfault your own program)
CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
More information about the Secure-testing-commits
mailing list