[Secure-testing-commits] r8115 - data/CVE
joeyh at alioth.debian.org
Sat Feb 9 09:14:14 UTC 2008
Author: joeyh
Date: 2008-02-09 09:14:11 +0000 (Sat, 09 Feb 2008)
New Revision: 8115
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-09 01:08:57 UTC (rev 8114)
+++ data/CVE/list 2008-02-09 09:14:11 UTC (rev 8115)
@@ -388,6 +388,7 @@
CVE-2008-0472 (Cross-site request forgery (CSRF) vulnerability in modcp.php in ...)
NOT-FOR-US: Woltlab Burning Board
CVE-2008-0471 (Cross-site request forgery (CSRF) vulnerability in privmsg.php in ...)
+ {DSA-1488-1}
- phpbb2 2.0.22-3 (low; bug #463589)
CVE-2008-0470 (A certain ActiveX control in Comodo AntiVirus 2.0 allows remote ...)
NOT-FOR-US: Comodo AntiVirus
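Review bot: The `{DSA-1488-1}` line added under CVE-2008-0471 is the only record in this revision of which advisory is being picked up, since the log message says just "automatic update". Consider having the update job name the DSA numbers it cross-references in the log, so the revision can be found from the advisory number without reading the diff.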
@@ -2128,8 +2129,10 @@
CVE-2007-6354 (Unspecified vulnerability in exiftags before 1.01 has unknown impact ...)
- exiftags 1.01-0.1 (bug #457062)
CVE-2007-6352 (Integer overflow in libexif 0.6.16 and earlier allows ...)
+ {DSA-1487-1}
- libexif 0.6.16-2.1 (medium; bug #457330)
CVE-2007-6351 (libexif 0.6.16 and earlier allows context-dependent attackers to cause ...)
+ {DSA-1487-1}
- libexif 0.6.16-2.1 (low; bug #457330)
CVE-2007-6349 (P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on ...)
NOT-FOR-US: P4Web
@@ -12101,6 +12104,7 @@
CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted ...)
NOT-FOR-US: yEnc32
CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in ...)
+ {DSA-1487-1}
- libexif 0.6.15-1 (bug #424775)
CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional ...)
NOT-FOR-US: Morovia
@@ -19021,10 +19025,13 @@
CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...)
NOT-FOR-US: Acronym Mod for phpBB2
CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has ...)
+ {DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+ {DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+ {DSA-1488-1}
- phpbb2 2.0.21-6 (bug #405980)
CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...)
NOT-FOR-US: Rediff Bol Downloader ActiveX (OCX) control
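Review bot: The three entries tagged here (CVE-2006-6841, CVE-2006-6840, CVE-2006-6839) keep the package line `- phpbb2 2.0.21-6 (bug #405980)` with no urgency, while other entries in this file carry one, for example `(low; bug #463589)` on CVE-2008-0471. Now that they are tied to an advisory, set an urgency on each of the three lines so they can be ranked alongside the other entries under the same DSA.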
@@ -19826,6 +19833,7 @@
CVE-2006-6509 (Cross-site scripting (XSS) vulnerability in the skinning feature in ...)
NOT-FOR-US: SiteKiosk
CVE-2006-6508 (Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows ...)
+ {DSA-1488-1}
NOTE: This is covered/duped by CVE-2006-6841
- phpbb2 2.0.21-6
CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass ...)
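Review bot: CVE-2006-6508 now carries `{DSA-1488-1}` above a NOTE saying it is covered/duped by CVE-2006-6841, but its package line `- phpbb2 2.0.21-6` has no bug reference, whereas CVE-2006-6841 lists the same fixed version with bug #405980. If the duplicate was resolved through that same report, add the bug reference here so both entries point to it.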
@@ -23721,6 +23729,7 @@
CVE-2006-4759 (PunBB 1.2.12 does not properly handle an avatar directory pathname ...)
NOT-FOR-US: PunBB
CVE-2006-4758 (phpBB 2.0.21 does not properly handle pathnames ending in %00, which ...)
+ {DSA-1488-1}
- phpbb2 2.0.21-4 (bug #388120; unimportant)
NOTE: Only exploitable by admins, which you'd need to trust
CVE-2006-4757 (Multiple SQL injection vulnerabilities in the admin section in e107 ...)
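Review bot: CVE-2006-4758 is tagged `{DSA-1488-1}` while its package line still says `unimportant` and the NOTE says it is only exploitable by admins. An advisory reference on an entry rated unimportant reads as a contradiction to anyone scanning the list. Either add a NOTE stating that the DSA lists this CVE although the entry is rated unimportant, or revisit the rating.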