Author: jmm-guest Date: 2006-02-05 11:55:55 +0000 (Sun, 05 Feb 2006) New Revision: 3426 Modified: data/CVE/list Log: actually Firefox 1.0 and Mozilla suite 1.7 aren''t affected for most issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-05 11:48:35 UTC (rev 3425) +++ data/CVE/list 2006-02-05 11:55:55 UTC (rev 3426) @@ -591,25 +591,38 @@ CVE-2006-0300 RESERVED CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...) + [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) + - mozilla <not-affected> (E4X not implemented in Mozilla 1.7) - mozilla-firefox <unfixed> (bug #351442) - mozilla-thunderbird <unfixed> + NOTE: This does currently only affect experimental, 1.0.x are safe CVE-2006-0298 (The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...) + [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) + - mozilla <not-affected> (Mozilla 1.7 is not affected) - mozilla-firefox <unfixed> (bug #351442) + NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe - mozilla-thunderbird <unfixed> CVE-2006-0297 (Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...) + [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) + - mozilla <not-affected> (Mozilla 1.7 is not affected) - mozilla-firefox <unfixed> (bug #351442) + NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe - mozilla-thunderbird <unfixed> CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, ...) + [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) - mozilla-firefox <unfixed> (bug #351442) - mozilla-thunderbird <unfixed> + - mozilla <not-affected> (Mozilla 1.7 is not affected) CVE-2006-0295 (Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...) - mozilla-firefox <unfixed> (bug #351442) + NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe - mozilla-thunderbird <unfixed> CVE-2006-0294 (Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...) - mozilla-firefox <unfixed> (bug #351442) + NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) + - mozilla <not-affected> (Mozilla 1.7 is not affected) - mozilla-thunderbird <unfixed> - NOTE: This does currently only affect experimental, 1.0.x are safe CVE-2006-0293 (The function allocation code (js_NewFunction in jsfun.c) in Firefox ...) - mozilla-firefox <unfixed> (bug #351442) [sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected) @@ -2340,6 +2353,7 @@ NOT-FOR-US: SimpleBBS CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before ...) - mozilla-firefox <unfixed> (unimportant) + - mozilla <unfixed> (unimportant) NOTE: Not exploitable beyond a sluggish browser startup, see NOTE: http://www.mozilla.org/security/history-title.html CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)