diff options
author | Michael Gilbert <mgilbert@debian.org> | 2013-07-03 00:32:25 +0000 |
---|---|---|
committer | Michael Gilbert <mgilbert@debian.org> | 2013-07-03 00:32:25 +0000 |
commit | fc6370c679f61fa3013e034277264bd5aa5adfbf (patch) | |
tree | a1e0b96c91dcf41ae97bf7b1cd4dbf105f4d0d24 /data/CVE/list.2006 | |
parent | dbd84190d25b417818dbcca3673b10a669654b9a (diff) |
tiff3 triage
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22826 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/list.2006')
-rw-r--r-- | data/CVE/list.2006 | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/data/CVE/list.2006 b/data/CVE/list.2006 index f8bbf7f940..60d0c5d3a3 100644 --- a/data/CVE/list.2006 +++ b/data/CVE/list.2006 @@ -8480,24 +8480,31 @@ CVE-2006-3466 CVE-2006-3465 (Unspecified vulnerability in the custom tag support for the TIFF ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3464 (TIFF library (libtiff) before 3.8.2 allows context-dependent attackers ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3463 (The EstimateStripByteCounts function in TIFF library (libtiff) before ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3462 (Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3461 (Heap-based buffer overflow in the PixarLog decoder in the TIFF library ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3460 (Heap-based buffer overflow in the JPEG decoder in the TIFF library ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3459 (Multiple stack-based buffer overflows in the TIFF library (libtiff) ...) {DSA-1137-1} - tiff 3.8.2-6 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-3486 (** DISPUTED ** ...) - mysql-dfsg-5.0 5.0.22-4 (unimportant; bug #378102) [sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present) @@ -10347,6 +10354,7 @@ CVE-2006-2659 (libs/comverp.c in Courier MTA before 0.53.2 allows attackers to c CVE-2006-2656 (Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 ...) {DSA-1091-1} - tiff 3.8.2-3 (bug #369819; low) + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2643 (Cross-site scripting (XSS) vulnerability in index.php in Monster Top ...) NOT-FOR-US: Monster Top List CVE-2006-2642 (** UNVERIFIABLE ** ...) @@ -11334,6 +11342,7 @@ CVE-2006-2194 (The winbind plugin in pppd for ppp 2.4.4 and earlier does not che CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...) {DSA-1091-1} - tiff 3.8.2-4 (bug #371064; bug #370355; medium) + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2191 (** DISPUTED ** ...) - mailman <unfixed> (unimportant) NOTE: not exploitable @@ -11485,6 +11494,7 @@ CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tp CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...) {DSA-1078-1} - tiff 3.8.1 (bug #366588; medium) + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...) NOT-FOR-US: Artmedic CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass authentication ...) @@ -11694,16 +11704,19 @@ CVE-2006-2026 (Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 a [sarge] - tiff 3.7.2-3sarge1 [woody] - tiff 3.5.5-7woody1 - tiff 3.8.1 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2025 (Integer overflow in the TIFFFetchData function in tif_dirread.c for ...) {DSA-1054-1} [sarge] - tiff 3.7.2-3sarge1 [woody] - tiff 3.5.5-7woody1 - tiff 3.8.1 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2024 (Multiple vulnerabilities in libtiff before 3.8.1 allow ...) {DSA-1054-1} [sarge] - tiff 3.7.2-3sarge1 [woody] - tiff 3.5.5-7woody1 - tiff 3.8.1 + - tiff3 <not-affected> (fixed prior to initial upload) CVE-2006-2023 (Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c ...) NOT-FOR-US: Fenice CVE-2006-2022 (Buffer overflow in the parse_url function in the RTSP module ...) @@ -15488,6 +15501,7 @@ CVE-2006-0406 (search.php in MyBB 1.0.2 allows remote attackers to obtain sensit NOT-FOR-US: MyBB (aka MyBulletinBoard) CVE-2006-0405 (The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 ...) - tiff 3.8.0-2 (bug #350715) + - tiff3 <not-affected> (fixed prior to initial upload) [sarge] - tiff <not-affected> (Vulnerability was introduced later) [woody] - tiff <not-affected> (Vulnerability was introduced later) CVE-2006-0404 (Note-A-Day Weblog 2.2 stores sensitive data under the web document ...) |