diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-01-13 13:29:07 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-01-13 13:29:07 +0000 |
commit | 451b3fe2b5f71947ab11c3b363354b946121525d (patch) | |
tree | 55420dc820ec73488040bfaf06c4b6d0fd7f3b92 /data/CVE/2006.list | |
parent | 4a4b06017bb51222fdfccb5c2356ee9539e4f1a0 (diff) |
php5 removed from unstable
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@47974 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE/2006.list')
-rw-r--r-- | data/CVE/2006.list | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/data/CVE/2006.list b/data/CVE/2006.list index b27f699614..746ce437ac 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -151,7 +151,7 @@ CVE-2006-XXXX [Owl Intranet Engine multiple cross-site scripting, SQL-injection] - owl-dms 0.94-1 (medium; bug #416296) CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...) - php4 <removed> (unimportant) - - php5 <unfixed> (unimportant) + - php5 <removed> (unimportant) NOTE: local DoS when Apache memory limit is set high CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...) - php4 <removed> (unimportant) @@ -1981,7 +1981,7 @@ CVE-2006-6386 (Cross-site scripting (XSS) vulnerability in the CVS management/tr CVE-2006-6384 (Absolute path traversal vulnerability in abitwhizzy.php before ...) NOT-FOR-US: abitwhizzy.php CVE-2006-6383 (PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and ...) - - php5 <unfixed> (unimportant) + - php5 <removed> (unimportant) - php4 <removed> (unimportant) NOTE: safe-mode and basedir violations not treated as security issues CVE-2006-6382 (The control panel for Positive Software H-Sphere before 2.5.0 RC3 ...) @@ -7191,7 +7191,7 @@ CVE-2006-4025 (SQL injection vulnerability in profile.php in XennoBB 2.1.0 and . CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through ...) - festalon <not-affected> (vuln. code introduced in 0.5.0) CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly validate ...) - - php5 <unfixed> (unimportant; bug #382257) + - php5 <removed> (unimportant; bug #382257) - php4 <removed> (unimportant; bug #382270) NOTE: Not every lack of protection of programmer's flaws is a vulnerability NOTE: See notes by Sean for details @@ -14314,7 +14314,7 @@ CVE-2006-0933 (Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows rem CVE-2006-0932 (Directory traversal vulnerability in zip.lib.php 0.1.1 in ...) NOT-FOR-US: zip.lib.php CVE-2006-0931 (Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other ...) - - php5 <unfixed> (bug #368545; unimportant) + - php5 <removed> (bug #368545; unimportant) - php4 <removed> (bug #368545; unimportant) NOTE: is this really a vulnerability in pear? it seems it should be a bug NOTE: in any application not checking for such archives. |