Author: joeyh
Date: 2006-04-26 21:14:41 +0000 (Wed, 26 Apr 2006)
New Revision: 3883
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-04-26 21:05:01 UTC (rev 3882)
+++ data/CVE/list 2006-04-26 21:14:41 UTC (rev 3883)
@@ -586,6 +586,7 @@
CVE-2006-1743 (Multiple SQL injection vulnerabilities in form.php in JBook 1.4
allow ...)
NOT-FOR-US: JBook
CVE-2006-1742 (The JavaScript engine in Mozilla Firefox and Thunderbird 1.x
before ...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
@@ -594,70 +595,82 @@
NOTE: The Mozilla Foundation labels this as "critical", but
it''s not
NOTE: clear if this bug is exploitable.
CVE-2006-1741 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla
Suite ...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1740 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla
Suite ...)
+ {DSA-1044-1}
- firefox <unfixed> (low)
- mozilla-firefox <unfixed> (low)
- mozilla-browser <unfixed> (low)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1739 (The CSS border-rendering code in Mozilla Firefox and Thunderbird
1.x ...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1738 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1737 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before
1.5 and ...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1736 (Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla
Suite ...)
+ {DSA-1044-1}
- firefox <unfixed> (low)
- mozilla-firefox <unfixed> (low)
- mozilla-browser <unfixed> (low)
CVE-2006-1735 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
+ {DSA-1044-1}
- firefox <unfixed> (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
- thunderbird <unfixed> (medium)
- mozilla-thunderbird <unfixed> (medium)
CVE-2006-1734 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
+ {DSA-1044-1}
- firefox <unfixed> (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
- thunderbird <unfixed> (medium)
- mozilla-thunderbird <unfixed> (medium)
CVE-2006-1733 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
+ {DSA-1044-1}
- firefox <unfixed> (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
- thunderbird <unfixed> (medium)
- mozilla-thunderbird <unfixed> (medium)
CVE-2006-1732 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1731 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
+ {DSA-1044-1}
- firefox <unfixed> (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before
1.5.0.2 ...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
@@ -666,17 +679,20 @@
NOTE: MFSA2006-22 says that it is not clear whether Thunderbird is
NOTE: exploitable in the default configuration.
CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8,
Mozilla ...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
NOTE: Can likely be used to steal OpenSSH keys and the like.
CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
- thunderbird <unfixed> (medium)
- mozilla-thunderbird <unfixed> (medium)
CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x
...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (medium)
- mozilla-firefox <unfixed> (medium)
- mozilla-browser <unfixed> (medium)
@@ -2949,12 +2965,14 @@
CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers
(SSB) ...)
TODO: check
CVE-2006-0749 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
+ {DSA-1044-1}
- firefox <unfixed> (low)
- mozilla-firefox <unfixed> (low)
- mozilla-browser <unfixed> (low)
- thunderbird <unfixed> (low)
- mozilla-thunderbird <unfixed> (low)
CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x
before ...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.2-1 (high)
- mozilla-firefox <unfixed> (high)
- mozilla-browser <unfixed> (high)
@@ -4126,6 +4144,7 @@
- mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
- mozilla-thunderbird <unfixed>
CVE-2006-0292 (The Javascript interpreter (jsinterp.c) in Mozilla and Firefox
before ...)
+ {DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
- mozilla-firefox <unfixed> (bug #351442)
- mozilla-thunderbird <unfixed>
@@ -5868,6 +5887,7 @@
CVE-2005-4135 (Direct static code injection vulnerability in
includes/newtopic.php in ...)
NOT-FOR-US: SimpleBBS
CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before
...)
+ {DSA-1044-1}
- mozilla-firefox <unfixed> (unimportant)
- mozilla <unfixed> (unimportant)
NOTE: Not exploitable beyond a sluggish browser startup, see