Author: enerv-guest
Date: 2007-01-28 00:49:09 +0100 (Sun, 28 Jan 2007)
New Revision: 5363

Modified:
   data/CVE/list
Log:
Mambo:
CVE-2006-1956 and CVE-2006-1957 solved.

Joomla:
NOTE: Joomla is a new package and the version 1.0.12-2 is not affected.
See http://ftp-master.debian.org/new.html.



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-01-27 21:59:59 UTC (rev 5362)
+++ data/CVE/list       2007-01-27 23:49:09 UTC (rev 5363)
@@ -6576,27 +6576,28 @@
 CVE-2006-4477 (Multiple PHP remote file inclusion vulnerabilities in Visual 
Shapers ...)
        NOT-FOR-US: ezContents
 CVE-2006-4476 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, 
related ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4475 (Joomla! before 1.0.11 does not limit access to the Admin Popups 
...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4474 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 
before ...)
-       - joomla <itp> (bug #326398)
+        - joomla <not-affected>
+       NOTE: Joomla is a new package and the version 1.0.12-2 is not affected.
 CVE-2006-4473 (Unspecified vulnerability in com_content in Joomla! before 
1.0.11, ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4472 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11 
allow ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4471 (The Admin Upload Image functionality in Joomla! before 1.0.11 
allows ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4470 (Joomla! before 1.0.11 omits some checks for whether _VALID_MOS 
is ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4469 (Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 
allows ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, 
related ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x 
before ...)
        NOT-FOR-US: Simple Machines Forum
 CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when 
the input ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-4465 (** DISPUTED ** ...)
        NOT-FOR-US: Microsoft
 CVE-2006-4464 (The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd 
edition, ...)
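Review bot: The added line under CVE-2006-4474 is indented one space deeper than every other "- joomla <not-affected>" line in this hunk, and the explanatory NOTE is attached to that entry alone while the other nine Joomla entries changed here carry none. Align the indentation with the neighbouring entries, and either repeat "NOTE: Joomla is a new package and the version 1.0.12-2 is not affected." on each changed entry or leave it to the commit log only, so that a reader landing on CVE-2006-4476 or CVE-2006-4466 sees the same rationale as one landing on CVE-2006-4474. Note also that the reference to bug #326398 is dropped from every entry.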
@@ -8888,9 +8889,9 @@
 CVE-2006-3482 (Cross-site scripting (XSS) vulnerability in maillist.php in ...)
        NOT-FOR-US: PHPMailList
 CVE-2006-3481 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 
allow ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-3480 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 
before ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-3479 (Cross-site request forgery (CSRF) vulnerability in the 
del_block ...)
        NOT-FOR-US: Nuked-Klan
 CVE-2006-3478 (PHP remote file inclusion vulnerability in ...)
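Review bot: CVE-2006-3481 and CVE-2006-3480 switch to "<not-affected>" with no NOTE in the file; the only justification is in the commit log. The descriptions here say "before 1.0.10", so a NOTE stating that 1.0.12-2 is the first version in the archive would let someone reading data/CVE/list verify the status without going back to revision 5363.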
@@ -10024,7 +10025,7 @@
 CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier 
allows ...)
        NOT-FOR-US: CesarFTP
 CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php 
in ...)
-       - joomla <itp> (bug #326398)
+       - joomla <not-affected>
 CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 
3.4.05 ...)
        NOT-FOR-US: Snitz Forum
 CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote 
...)
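Review bot: The visible description of CVE-2006-2960 is truncated before any version bound ("includes/joomla.php in ..."), so unlike the "before 1.0.11" entries nothing on this line shows that 1.0.12-2 is outside the affected range. Add a NOTE on this entry recording which Joomla version fixed the includes/joomla.php inclusion issue, or how the packaged version was checked.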
@@ -12376,11 +12377,11 @@
 CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow 
remote ...)
        NOT-FOR-US: WWWThreads
 CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! 
allows ...)
-       - mambo <unfixed> (bug #364769; medium)
-       - joomla <itp> (bug #326398)
+       - mambo 4.6.1-4 (bug #364769; medium)
+       - joomla <not-affected>
 CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! 
allows ...)
-       - mambo <unfixed> (bug #364769; medium)
-       - joomla <itp> (bug #326398)
+       - mambo 4.6.1-4 (bug #364769; medium)
+       - joomla <not-affected>
 CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in 
Nicolas ...)
        NOT-FOR-US: RechnungsZentrale
 CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer 
(aka ...)
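Review bot: For CVE-2006-1957 and CVE-2006-1956 the description lists "(1) Mambo and (2) Joomla!" with no version limit visible, yet joomla is set to "<not-affected>" without a NOTE, while mambo on the same issue needed a fix in 4.6.1-4. Record on these two entries why the Joomla package is unaffected by the com_rss issue. The mambo status change and the bulk joomla status change are also independent and would be easier to audit as separate commits.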


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
