[Secure-testing-commits] r3630 - data/CVE

Moritz Muehlenhoff Thu, 16 Mar 2006 08:36:43 -0800

Author: jmm-guest
Date: 2006-03-16 16:36:06 +0000 (Thu, 16 Mar 2006)
New Revision: 3630


Modified:
   data/CVE/list
Log:
unzip issue is a non-issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-03-16 16:23:20 UTC (rev 3629)
+++ data/CVE/list       2006-03-16 16:36:06 UTC (rev 3630)
@@ -1921,7 +1921,8 @@
 CVE-2006-0419 (BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, 
and 7.0 ...)
        NOT-FOR-US: BEA WebLogic
 CVE-2005-4667 (Buffer overflow in UnZip 5.50 and earlier allows user-complicit 
...)
-       - unzip 5.52-7 (low; bug #349794)
+       - unzip 5.52-7 (unimportant; bug #349794)
+       NOTE: Overflow can only be triggered, not setuid
 CVE-2006-0418 (Eval injection vulnerability in 123 Flash Chat Server 5.0 and 
5.1 ...)
        NOT-FOR-US: 123 Flash Chat Server
 CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and 
...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3630 - data/CVE

Reply via email to