author: Alex de Oliveira Silva <enerve@gmail.com> 2007-01-27 23:49:09 +0000
committer: Alex de Oliveira Silva <enerve@gmail.com> 2007-01-27 23:49:09 +0000
commit: aad80f05228b1034f2b9a4b83d53cef40d988a47
tree: 6cf9c5325bfc40765dc19d21370dc06ceab386ee /data
parent: d25a8329d5266bbf78ab6a32d56eafa775390231
Mambo:
CVE-2006-1956 and CVE-2006-1957 solved.
Joomla:
NOTE: Joomla is a new package and the version 1.0.12-2 is not affected.
See http://ftp-master.debian.org/new.html.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5363 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- data/CVE/list 35
1 files changed, 18 insertions, 17 deletions
diff --git a/data/CVE/list b/data/CVE/list
index ca847260f2..96f01226fc 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6576,27 +6576,28 @@ CVE-2006-4478 (SQL injection vulnerability in headeruserdata.php in Visual Shape
CVE-2006-4477 (Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ...)
NOT-FOR-US: ezContents
CVE-2006-4476 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4475 (Joomla! before 1.0.11 does not limit access to the Admin Popups ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4474 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
+ NOTE: Joomla is a new package and the version 1.0.12-2 is not affected.
CVE-2006-4473 (Unspecified vulnerability in com_content in Joomla! before 1.0.11, ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4472 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4471 (The Admin Upload Image functionality in Joomla! before 1.0.11 allows ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4470 (Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4469 (Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before ...)
NOT-FOR-US: Simple Machines Forum
CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when the input ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-4465 (** DISPUTED ** ...)
NOT-FOR-US: Microsoft
CVE-2006-4464 (The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, ...)
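
Review bot: the reason for the status change is recorded only once, as the NOTE under CVE-2006-4474, while the other nine Joomla entries in this hunk go from `<itp> (bug #326398)` to a bare `<not-affected>`. Anyone reading CVE-2006-4476 or CVE-2006-4466 on its own cannot tell why the package is considered unaffected, so repeat the NOTE (or a short parenthesised reason) on every entry. The claim also rests on version 1.0.12-2, which the commit message places in the NEW queue; keeping the reference to bug #326398 would let the entries be rechecked if a different version ends up being uploaded.
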
@@ -8888,9 +8889,9 @@ CVE-2006-3483 (PHPMailList 1.8.0 stores sensitive information under the web docu
CVE-2006-3482 (Cross-site scripting (XSS) vulnerability in maillist.php in ...)
NOT-FOR-US: PHPMailList
CVE-2006-3481 (Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-3480 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-3479 (Cross-site request forgery (CSRF) vulnerability in the del_block ...)
NOT-FOR-US: Nuked-Klan
CVE-2006-3478 (PHP remote file inclusion vulnerability in ...)
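
Review bot: CVE-2006-3481 and CVE-2006-3480 are switched to `<not-affected>` with no NOTE at all in this hunk, and CVE-2006-3481 is bounded at "before 1.0.10" rather than the 1.0.11 seen in the earlier entries. Add the same "version 1.0.12-2 is not affected" NOTE used under CVE-2006-4474, so the justification sits next to the entries it applies to instead of several thousand lines away.
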
@@ -10024,7 +10025,7 @@ CVE-2006-2962 (PHP remote file inclusion vulnerability in sql_fcnsOLD.php in ...
CVE-2006-2961 (Stack-based buffer overflow in CesarFTP 0.99g and earlier allows ...)
NOT-FOR-US: CesarFTP
CVE-2006-2960 (PHP remote file inclusion vulnerability in includes/joomla.php in ...)
- - joomla <itp> (bug #326398)
+ - joomla <not-affected>
CVE-2006-2959 (SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 ...)
NOT-FOR-US: Snitz Forum
CVE-2006-2958 (Directory traversal vulnerability in FilZip 3.05 allows remote ...)
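
Review bot: for CVE-2006-2960 the visible description is cut off after "includes/joomla.php in ...", so no affected version range can be read from the list, yet the entry becomes a bare `<not-affected>`. Record in a NOTE which Joomla release closes this file inclusion issue and that 1.0.12-2 contains it, otherwise the status cannot be checked from this file.
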
@@ -12376,11 +12377,11 @@ CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualSc
CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...)
NOT-FOR-US: WWWThreads
CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
- - mambo <unfixed> (bug #364769; medium)
- - joomla <itp> (bug #326398)
+ - mambo 4.6.1-4 (bug #364769; medium)
+ - joomla <not-affected>
CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...)
- - mambo <unfixed> (bug #364769; medium)
- - joomla <itp> (bug #326398)
+ - mambo 4.6.1-4 (bug #364769; medium)
+ - joomla <not-affected>
CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...)
NOT-FOR-US: RechnungsZentrale
CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...)
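
Review bot: the `- joomla <not-affected>` lines under CVE-2006-1957 and CVE-2006-1956 have no supporting version information, because unlike the "before 1.0.11" entries these descriptions name Mambo and Joomla! with no visible version bound. Add a NOTE stating which Joomla release fixed the com_rss issue. The same applies to the Mambo lines: `<unfixed>` becomes `4.6.1-4` with only bug #364769 as context, so a short NOTE pointing at the fix would make the "solved" claim in the commit message verifiable.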
