Author: alec-guest Date: 2006-05-22 19:59:37 +0000 (Mon, 22 May 2006) New Revision: 4047 Modified: data/CVE/list Log: cross-domain cookie sharing in mozilla-based browsers and konqueror (low); never fixed, possibly wontfix Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-22 17:25:24 UTC (rev 4046) +++ data/CVE/list 2006-05-22 19:59:37 UTC (rev 4047) @@ -4809,9 +4809,13 @@ CVE-2005-4686 (PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes ...) NOT-FOR-US: PunBB CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains when ...) - TODO: check + NOTE: see CVE-2005-4684 + - firefox <unfixed> (low) + - mozilla <unfixed> (low) + - xulrunner <unfixed> (low) CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS ...) - TODO: check + NOTE: http://cvs.fedora.redhat.com/viewcvs/fedora-security/audit/fc5?root=fedora&rev=1.172&view=markup says "ignore (kdebase) not fixed upstream, low, can''t fix" + - kdebase <unfixed> (low) CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...) - migrationtools 46-2.1 (bug #338920; medium) CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...)