Author: seanius Date: 2006-08-28 07:15:27 +0000 (Mon, 28 Aug 2006) New Revision: 4646 Modified: data/CVE/list Log: a few more no-dsa''s Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-28 06:43:08 UTC (rev 4645) +++ data/CVE/list 2006-08-28 07:15:27 UTC (rev 4646) @@ -6689,6 +6689,7 @@ CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions ...) - php5 5.1.4-0.1 (bug #359907; low) - php4 4:4.4.2-1.1 (bug #359904; low) + [sarge] - php4 <no-dsa> (Application''s responsibility to sanitize input) CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...) NOT-FOR-US: ActiveCampaign SupportTrio CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...) @@ -7760,13 +7761,11 @@ CVE-2006-1015 (Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x ...) - php5 5.1.4-0.1 (bug #368595; low) - php4 <unfixed> (bug #368592; low) - NOTE: is this really a vulnerability in php? it seems it should be a bug - NOTE: in any application that doesn''t check input before passing it along. + [sarge] - php4 <no-dsa> (Application''s job to sanitize input) CVE-2006-1014 (Argument injection vulnerability in certain PHP 4.x and 5.x ...) - php5 5.1.4-0.1 (bug #368595; low) - php4 <unfixed> (bug #368592; low) - NOTE: is this really a vulnerability in php? it seems it should be a bug - NOTE: in any application that doesn''t check input before passing it along. + [sarge] - php4 <no-dsa> (Application''s job to sanitize input) CVE-2006-1013 (PHP remote file include vulnerability in index.php in SMartBlog (aka ...) NOT-FOR-US: SMartBlog CVE-2006-1012 (SQL injection vulnerability in WordPress 1.5.2, and possibly other ...)