Author: fw Date: 2006-12-25 11:02:26 +0100 (Mon, 25 Dec 2006) New Revision: 5169 Modified: data/CVE/list Log: CVE-2006-6625, CVE-2006-6626: moodle Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-25 09:49:33 UTC (rev 5168) +++ data/CVE/list 2006-12-25 10:02:26 UTC (rev 5169) @@ -172,9 +172,12 @@ CVE-2006-6627 (Integer overflow in the packed PE file parsing implementation in ...) NOT-FOR-US: BitDefender CVE-2006-6626 (Cross-site scripting (XSS) vulnerability in an unspecified component ...) - TODO: check + - moodle 1.6-1 + NOTE: Does not affect moodle 1.6 according to SecurityFocus. CVE-2006-6625 (Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in ...) - TODO: check + - moodle <unfixed> (low) + NOTE: "SC#341 fixed initilaization of navtail variable" + NOTE: http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?view=log CVE-2006-6624 (The FTP Server in Sambar Server 6.4 allows remote authenticated users ...) NOT-FOR-US: Sambar CVE-2006-6623 (Sygate Personal Firewall 5.6.2808 relies on the Process Environment ...)