Author: jmm-guest Date: 2006-09-07 20:16:14 +0000 (Thu, 07 Sep 2006) New Revision: 4697 Modified: data/CVE/list Log: more php not-affected/no-dsa as researched by Sean Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-07 17:37:32 UTC (rev 4696) +++ data/CVE/list 2006-09-07 20:16:14 UTC (rev 4697) @@ -78,19 +78,21 @@ - php4 4:4.4.4-1 CVE-2006-4485 (The stripos function in PHP before 5.1.5 has unknown impact and attack ...) - php5 5.1.6-1 - - php4 4:4.4.4-1 + - php4 <not-affected> (Vulnerable function doesn''t exist) CVE-2006-4484 (Buffer overflow in the LWZReadByte_ function in ...) - libgd2 <unfixed> (medium; bug #384838) - xloadimage <unfixed> (low; bug #384841) CVE-2006-4483 (The cURL extension files (1) ext/curl/interface.c and (2) ...) - php5 5.1.6-1 (low) - php4 4:4.4.4-1 (low) + [sarge] - php4 <no-dsa> (Safe mode violations not supported, insufficient measure) CVE-2006-4482 (Multiple heap-based buffer overflows in the (1) str_repeat and (2) ...) - php5 5.1.6-1 (low) - php4 4:4.4.4-1 (low) CVE-2006-4481 (The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 ...) - php5 5.1.6-1 (low) - php4 4:4.4.4-1 (low) + [sarge] - php4 <no-dsa> (Basedir violations not supported, insufficient measure) CVE-2006-4480 (Incomplete blacklist vulnerability in the nk_CSS function in nuked.php ...) NOT-FOR-US: Nuked-Klan CVE-2006-4479 (Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual ...)