Author: stef-guest Date: 2006-07-20 19:45:52 +0000 (Thu, 20 Jul 2006) New Revision: 4429 Modified: data/CVE/list Log: confirmed that CVE-2006-3731 seems to be a livehttpheaders issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-07-20 19:28:43 UTC (rev 4428) +++ data/CVE/list 2006-07-20 19:45:52 UTC (rev 4429) @@ -11,9 +11,10 @@ CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...) NOT-FOR-US: CS-MARS CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted ...) - NOTE: might be limited to LiveHTTPHeaders extension - - firefox <unfixed> - - mozilla-firefox <unfixed> + NOTE: couldn''t reproduce without livehttpheaders + NOTE: PoC: http://www.sfritsch.de/~stf/CVE-2006-3731.html + NOTE: might still be a firefox issue + - mozilla-livehttpheaders <unfixed> (bug filed; low) CVE-2006-3730 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...) NOT-FOR-US: MSIE CVE-2006-3729 (DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office ...)