Author: jmm-guest Date: 2006-04-23 10:43:00 +0000 (Sun, 23 Apr 2006) New Revision: 3855 Modified: data/CVE/list Log: ecartis fixed new moin issue first libcgi-session-perl was partially imcomplete Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-23 10:22:49 UTC (rev 3854) +++ data/CVE/list 2006-04-23 10:43:00 UTC (rev 3855) @@ -1,3 +1,5 @@ +CVE-2006-XXXX [moinmoin XSS] + - moin 1.5.3-1 CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...) TODO: check CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...) @@ -1671,7 +1673,7 @@ CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on temporary files ...) - libcgi-session-perl 4.07-1 (bug #356555) CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary files ...) - - libcgi-session-perl 4.07-1 (bug #356555) + - libcgi-session-perl 4.11-1 (bug #356555) CVE-2006-1278 (SQL injection vulnerability in @1 File Store 2006.03.07 allows remote ...) NOT-FOR-US: @1 File Store CVE-2006-1277 (Cross-site scripting (XSS) vulnerability in signup.php in @1 File ...) @@ -3897,7 +3899,7 @@ CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...) NOT-FOR-US: ar-blog CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...) - - ecartis <unfixed> (medium; bug #348824) + - ecartis 1.0.0+cvs.20030911-11 (medium; bug #348824) NOTE: Sarge and Woody are affected CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...) NOT-FOR-US: Squirrelmail plugin