Author: jmm-guest
Date: 2007-05-16 17:25:47 +0000 (Wed, 16 May 2007)
New Revision: 5845
Modified:
data/CVE/list
Log:
new kernel issue
elinks no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-16 09:14:15 UTC (rev 5844)
+++ data/CVE/list 2007-05-16 17:25:47 UTC (rev 5845)
@@ -1,3 +1,5 @@
+CVE-2006-7203 [mount compat local DoS]
+ - linux-2.6 <unfixed> (low)
CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX
control ...)
NOT-FOR-US: Office Viewer OCX ActiveX
CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote
...)
@@ -1208,6 +1210,9 @@
- freeradius <unfixed> (low)
CVE-2007-2027 (Untrusted search path vulnerability in the
add_filename_to_string ...)
- elinks 0.11.1-1.4 (bug #417789; low)
+ [sarge] - elinks <no-dsa> (Hardly exploitable)
+ [etch] - elinks <no-dsa> (Hardly exploitable)
+ NOTE: Unrealistic attack vector, no evidence code injection is possible
CVE-2007-2026 (The gnu regular expression code in file 4.20 allows
context-dependent ...)
- file <unfixed> (low)
[sarge] - file <not-affected> (version too old)
@@ -18804,7 +18809,7 @@
CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash
(segmentation ...)
- php4 <unfixed> (bug #361854; unimportant)
- php5 <unfixed> (bug #361917; unimportant)
- [sarge] - php4 <no-dsa> (there are easier ways to segfault your own
program)
+ [sarge] - php4 <no-dsa> (there are easier ways to segfault your own
program)
CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier,
and 7.0 ...)
NOT-FOR-US: BEA WebLogic
CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier,
and 7.0 ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
