CVE-2006-0806

NameCVE-2006-0806
DescriptionMultiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as ...
SourceCVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more)
ReferencesDSA-1029-1, DSA-1030-1, DSA-1031-1
Debian Bugs358872, 360396
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cacti (PTS)squeeze, squeeze (security)0.8.7g-1+squeeze3fixed
wheezy, wheezy (security)0.8.8a+dfsg-5+deb7u2fixed
jessie, sid0.8.8b+dfsg-5fixed
libphp-adodb (PTS)squeeze5.10-1fixed
jessie, wheezy, sid5.15-1fixed
moodle (PTS)squeeze (security)1.9.9.dfsg2-2.1+squeeze3fixed
squeeze1.9.9.dfsg2-2.1+squeeze4fixed
jessie, sid2.6.2-1fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cactisource(unstable)0.8.6d-1medium
cactisourcesarge0.8.6c-7sarge3DSA-1031-1
libphp-adodbsource(unstable)4.72-0.1medium358872
libphp-adodbsourcesarge4.52-1sarge1DSA-1029-1
libphp-adodbsourcewoody1.51-1.2DSA-1029-1
moodlesource(unstable)1.6.1+20060825-1medium360396
moodlesourcesarge1.4.4.dfsg.1-3sarge1DSA-1030-1

Notes

according to maintainer, "Moodle neither uses nor plans to use
ADODB_Pager, so it's not affected by #360396, but include patch for
it anyway, just in case somebody decides to use it out of the blue

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)