Author: stef-guest
Date: 2006-09-18 17:38:04 +0000 (Mon, 18 Sep 2006)
New Revision: 4742
Modified:
data/CVE/list
Log:
- one more firefox issue fixed
- add some urgencies to browser issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-09-18 17:26:20 UTC (rev 4741)
+++ data/CVE/list 2006-09-18 17:38:04 UTC (rev 4742)
@@ -352,9 +352,9 @@
TODO: check
CVE-2006-4790 (verify.c in GnuTLS before 1.4.4, when using an RSA key with
exponent ...)
NOTE: GNUTLS-SA-2006-4
- - gnutls13 1.4.4-1 (medium)
- - gnutls12 <unfixed> (medium)
- - gnutls11 <unfixed> (medium)
+ - gnutls13 1.4.4-1 (high)
+ - gnutls12 <unfixed> (high)
+ - gnutls11 <unfixed> (high)
CVE-2006-XXXX [gnutls Adaptive Chosen Ciphertext Attack]
NOTE: GNUTLS-SA-2006-3 (withdrawn)
- gnutls13 1.4.3-1 (unimportant)
@@ -470,11 +470,11 @@
CVE-2006-4571
RESERVED
NOTE: MFSA-2006-64
- - mozilla <unfixed>
- - firefox 1.5.dfsg+1.5.0.7-1
- - thunderbird 1.5.0.7-1
- [sarge] - mozilla-firefox <unfixed>
- [sarge] - mozilla-thunderbird <unfixed>
+ - mozilla <unfixed> (high)
+ - firefox 1.5.dfsg+1.5.0.7-1 (high)
+ - thunderbird 1.5.0.7-1 (high)
+ [sarge] - mozilla-firefox <unfixed> (high)
+ [sarge] - mozilla-thunderbird <unfixed> (high)
CVE-2006-4570
RESERVED
NOTE: MFSA-2006-63
@@ -506,21 +506,21 @@
CVE-2006-4566
RESERVED
NOTE: MFSA-2006-57
- - mozilla <unfixed>
- - firefox 1.5.dfsg+1.5.0.7-1
- - thunderbird 1.5.0.7-1
- - xulrunner <unfixed>
- [sarge] - mozilla-firefox <unfixed>
- [sarge] - mozilla-thunderbird <unfixed>
+ - mozilla <unfixed> (high)
+ - firefox 1.5.dfsg+1.5.0.7-1 (high)
+ - thunderbird 1.5.0.7-1 (low)
+ - xulrunner <unfixed> (high)
+ [sarge] - mozilla-firefox <unfixed> (high)
+ [sarge] - mozilla-thunderbird <unfixed> (low)
CVE-2006-4565
RESERVED
NOTE: MFSA-2006-57
- - mozilla <unfixed>
- - firefox 1.5.dfsg+1.5.0.7-1
- - xulrunner <unfixed>
- - thunderbird 1.5.0.7-1
- [sarge] - mozilla-firefox <unfixed>
- [sarge] - mozilla-thunderbird <unfixed>
+ - mozilla <unfixed> (high)
+ - firefox 1.5.dfsg+1.5.0.7-1 (high)
+ - xulrunner <unfixed> (high)
+ - thunderbird 1.5.0.7-1 (low)
+ [sarge] - mozilla-firefox <unfixed> (high)
+ [sarge] - mozilla-thunderbird <unfixed> (low)
CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in
Simple ...)
NOT-FOR-US: Simple Machines Forum
CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in the MyHeadlines
before ...)
@@ -1019,12 +1019,12 @@
CVE-2006-4340
RESERVED
NOTE: MFSA-2006-60, this is the similar to CVE-2006-4339
- - mozilla <unfixed>
- - firefox 1.5.dfsg+1.5.0.7-1
- - thunderbird 1.5.0.7-1
- - xulrunner <unfixed>
- [sarge] - mozilla-firefox <unfixed>
- [sarge] - mozilla-thunderbird <unfixed>
+ - mozilla <unfixed> (high)
+ - firefox 1.5.dfsg+1.5.0.7-1 (high)
+ - thunderbird 1.5.0.7-1 (high)
+ - xulrunner <unfixed> (high)
+ [sarge] - mozilla-firefox <unfixed> (high)
+ [sarge] - mozilla-thunderbird <unfixed> (high)
CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before
0.9.8c, ...)
{DSA-1774-1 DSA-1773-1}
- openssl 0.9.8b-3 (medium)
@@ -1217,13 +1217,13 @@
NOT-FOR-US: IBM AIX
CVE-2006-4253 (Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to
cause a ...)
NOTE: MFSA-2006-59
- - xulrunner <unfixed>
- - firefox <unfixed>
- - mozilla <unfixed>
- - mozilla-firefox <removed>
- [sarge] - mozilla <unfixed>
- [sarge] - mozilla-thunderbird <unfixed>
- - thunderbird 1.5.0.7-1
+ - xulrunner <unfixed> (high)
+ - firefox 1.5.dfsg+1.5.0.7-1 (high)
+ - mozilla <unfixed> (high)
+ - mozilla-firefox <removed> (high)
+ [sarge] - mozilla <unfixed> (high)
+ [sarge] - mozilla-thunderbird <unfixed> (low)
+ - thunderbird 1.5.0.7-1 (low)
CVE-2006-4252
RESERVED
CVE-2006-4251