Author: joeyh Date: 2007-04-26 21:14:38 +0000 (Thu, 26 Apr 2007) New Revision: 5740 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-04-26 19:28:09 UTC (rev 5739) +++ data/CVE/list 2007-04-26 21:14:38 UTC (rev 5740) @@ -1067,6 +1067,7 @@ CVE-2007-1778 (PHP remote file inclusion vulnerability in db/mysql.php in the ...) NOT-FOR-US: Eve-Nuke CVE-2007-1777 (Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 ...) + {DSA-1282-1} - php4 <unfixed> (medium) CVE-2007-1776 (SQL injection vulnerability in index.php in the DesignForJoomla.com ...) NOT-FOR-US: D4J eZine @@ -1186,6 +1187,7 @@ CVE-2007-1719 (Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, ...) NOT-FOR-US: mcweject CVE-2007-1718 (CRLF injection vulnerability in the mail function in PHP 4.0.0 through ...) + {DSA-1282-1} - php4 <unfixed> (medium) [sarge] - php4 <not-affected> (Vulnerable code not present) - php5 <unfixed> (medium) @@ -1204,6 +1206,7 @@ CVE-2007-1712 (SQL injection vulnerability in default.asp in ActiveWebSoftwares ...) NOT-FOR-US: Active Auction Pro CVE-2007-1711 (Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 ...) + {DSA-1282-1} - php4 <unfixed> (unimportant) - php5 <unfixed> (unimportant) NOTE: register_globals not supported @@ -1642,6 +1645,7 @@ CVE-2007-1522 (Double free vulnerability in the session extension in PHP 5.2.0 and ...) - php5 <unfixed> (medium) CVE-2007-1521 (Double free vulnerability in PHP 5.2.1 and earlier allows ...) + {DSA-1282-1} - php5 <unfixed> (medium) - php4 <unfixed> (medium) CVE-2007-1520 (The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 does ...) 
@@ -1986,6 +1990,7 @@ CVE-2007-1381 (The wddx_deserialize function in wddx.c in PHP CVS as of 20070304 ...) - php5 <not-affected> (Affected only a php5 CVS version, not a release) CVE-2007-1380 (The php_binary serialization handler in the session extension in PHP ...) + {DSA-1282-1} - php4 <unfixed> (low) - php5 <unfixed> (low) CVE-2007-1379 (The ovrimos_close function in the Ovrimos extension for PHP before ...) @@ -2249,6 +2254,7 @@ [sarge] - php4 <not-affected> (Regression introduced in 4.4.3) NOTE: Non-issue, explicit debug feature CVE-2007-1286 (Integer overflow in PHP 4.4.4 and earlier allows remote ...) + {DSA-1282-1} - php4 <unfixed> (low) CVE-2007-1285 (The Zend Engine in PHP 4.x and 5.x allows remote attackers to cause a ...) - php5 <unfixed> (unimportant)
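
Review bot: In the CVE-2007-1777 hunk (@@ -1067), and likewise in the CVE-2007-1286 hunk (@@ -2249), the status line `- php4 <unfixed> (medium)` (respectively `(low)`) is unchanged next to the new {DSA-1282-1} tag, so the entry now references an advisory while still reporting php4 as unfixed. The log says "automatic update", so the status lines need a manual follow-up. If the fix is also in unstable, record the fixed version there. If only a stable release was fixed, a release-tagged line would show where the fix landed.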
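
Review bot: In the CVE-2007-1718 hunk (@@ -1186), {DSA-1282-1} is added above `[sarge] - php4 <not-affected> (Vulnerable code not present)`, so the entry references an advisory while stating that sarge's php4 does not contain the vulnerable code. Nothing in the entry says which release or source package (php4 or php5) the advisory applies to for this CVE. A NOTE or a release-tagged line with the fixed version would remove the ambiguity.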
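
Review bot: In the CVE-2007-1711 hunk (@@ -1204), the advisory tag lands on an entry whose php4 and php5 lines are both rated (unimportant), with the note "register_globals not supported". Every other DSA-1282-1 entry in this patch is rated medium or low, so this one is inconsistent. Either re-rate it to match, or extend the NOTE to say why an issue considered unimportant is cross-referenced to the advisory.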