Author: nion Date: 2008-05-23 16:45:47 +0000 (Fri, 23 May 2008) New Revision: 8883 Modified: data/CVE/list Log: CVE-2008-2266 fixed in uudeview 0.5.20-3.1 (low) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-05-23 12:48:54 UTC (rev 8882) +++ data/CVE/list 2008-05-23 16:45:47 UTC (rev 8883) @@ -474,7 +474,7 @@ CVE-2008-2276 (Cross-site request forgery (CSRF) vulnerability in Mantis 1.1.1 allows ...) - mantis 1.0.8-4.1 (bug #481504) CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite ...) - - uudeview <unfixed> (bug #480972) + - uudeview 0.5.20-3.1 (low; bug #480972) - libconvert-uulib-perl <not-affected> (Code patched by libconver-uulib upstream to use mkstemp) NOTE: See CVE-2004-2265, where the problem occured as well CVE-2008-2302 [Cross-site scripting (XSS) by missing escaping]