Author: djoume-guest Date: 2005-02-22 15:23:58 +0100 (Tue, 22 Feb 2005) New Revision: 467 Modified: sarge-checks/CAN/list Log: * xerces bug number * claimed some CAN Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-22 14:22:27 UTC (rev 466) +++ sarge-checks/CAN/list 2005-02-22 14:23:58 UTC (rev 467) @@ -1,3 +1,4 @@ +begin claimed by djoume CAN-2005-0503 (uim before 0.4.5.1 trusts certain environment variables when libUIM is ...) TODO: check CAN-2005-0502 (Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows ...) @@ -78,6 +79,7 @@ TODO: check CAN-2004-1678 (Directory traversal vulnerability in pdesk.cgi in PerlDesk allows ...) TODO: check +end claimed by djoume CAN-2004-1677 (pdesk.cgi in PerlDesk allows remote attackers to gain sensitive ...) TODO: check CAN-2004-1676 (Heap-based buffer overflow in the image sending feature in Gadu-Gadu ...) @@ -290,7 +292,7 @@ CAN-2004-1576 (Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and ...) NOTE: not-for-us (Judge Dredd) CAN-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...) - - xerces25 (unfixed; bug filed) + - xerces25 (unfixed; bug #296432) NOTE: xerces24, xerces23, xerces22, xerces21 could also be concerned by this NOTE: I have noticed it in the bug report agains xerces25 -- Djoume CAN-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote ...)