thr3ads.net - Secure testing commits - [Secure-testing-commits] r4756

If this information is useful, please help other people find it:
Share via:

Joey Hess

2006-Sep-22 09:14 UTC

[Secure-testing-commits] r4756 - data/CVE

Author: joeyh
Date: 2006-09-22 09:14:25 +0000 (Fri, 22 Sep 2006)
New Revision: 4756

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-09-21 21:57:25 UTC (rev 4755)
+++ data/CVE/list	2006-09-22 09:14:25 UTC (rev 4756)
@@ -1,3 +1,7 @@
+CVE-2006-4925
+	RESERVED
+CVE-2006-4924
+	RESERVED
 CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in
eSyndiCat ...)
 	NOT-FOR-US: eSyndiCat Portal System
 CVE-2006-4922 (Unrestricted file upload vulnerability in ...)
@@ -951,7 +955,7 @@
 	NOT-FOR-US: ExBB Italia
 CVE-2006-4487 (DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the
web ...)
 	NOT-FOR-US: DUpoll
-CVE-2006-4486 (Unspecified vulnerability in PHP before 5.1.6, when running on a
...)
+CVE-2006-4486 (Integer overflow in memory allocation routines in PHP before
5.1.6, ...)
 	- php5 5.1.6-1
 	- php4 4:4.4.4-1
 CVE-2006-4485 (The stripos function in PHP before 5.1.5 has unknown impact and
attack ...)
@@ -2040,7 +2044,7 @@
 	NOT-FOR-US: Knusperleicht Guestbook
 CVE-2006-4007 (PHP remote file inclusion vulnerability in index.php in
Knusperleicht ...)
 	NOT-FOR-US: Knusperleicht Faq
-CVE-2006-4006 (The do_gameinfo functionin BomberClone 0.11.6 and earlier, and
...)
+CVE-2006-4006 (The do_gameinfo function in BomberClone 0.11.6 and earlier, and
...)
 	{DSA-1780-1}
 	- bomberclone 0.11.7-1 (bug #382082; medium)
 CVE-2006-4005 (BomberClone 0.11.6 and earlier allows remote attackers to cause
a ...)
@@ -3193,12 +3197,12 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft
Internet ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-3509
-	RESERVED
-CVE-2006-3508
-	RESERVED
-CVE-2006-3507
-	RESERVED
+CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on
Apple ...)
+	TODO: check
+CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on
Apple Mac ...)
+	TODO: check
+CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless
driver ...)
+	TODO: check
 CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7
and ...)
 	NOT-FOR-US: Mac OS X
 CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote
attackers to ...)

Secure testing commits - Sep 2006 - r4756 - data/CVE

[Secure-testing-commits] r4756 - data/CVE