jmm-guest at alioth.debian.org
2007-May-16 17:25 UTC
[Secure-testing-commits] r5845 - data/CVE
Author: jmm-guest Date: 2007-05-16 17:25:47 +0000 (Wed, 16 May 2007) New Revision: 5845 Modified: data/CVE/list Log: new kernel issue elinks no-dsa Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-16 09:14:15 UTC (rev 5844) +++ data/CVE/list 2007-05-16 17:25:47 UTC (rev 5845) @@ -1,3 +1,5 @@ +CVE-2006-7203 [mount compat local DoS] + - linux-2.6 <unfixed> (low) CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX control ...) NOT-FOR-US: Office Viewer OCX ActiveX CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote ...) @@ -1208,6 +1210,9 @@ - freeradius <unfixed> (low) CVE-2007-2027 (Untrusted search path vulnerability in the add_filename_to_string ...) - elinks 0.11.1-1.4 (bug #417789; low) + [sarge] - elinks <no-dsa> (Hardly exploitable) + [etch] - elinks <no-dsa> (Hardly exploitable) + NOTE: Unrealistic attack vector, no evidence code injection is possible CVE-2007-2026 (The gnu regular expression code in file 4.20 allows context-dependent ...) - file <unfixed> (low) [sarge] - file <not-affected> (version too old) @@ -18804,7 +18809,7 @@ CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...) - php4 <unfixed> (bug #361854; unimportant) - php5 <unfixed> (bug #361917; unimportant) - [sarge] - php4 <no-dsa> (there are easier ways to segfault your own program) + [sarge] - php4 <no-dsa> (there are easier ways to segfault your own program) CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...) NOT-FOR-US: BEA WebLogic CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)