[Secure-testing-commits] r5057 - data/CVE

Sun Dec 3 23:27:38 CET 2006

Author: neilm
Date: 2006-12-03 23:27:35 +0100 (Sun, 03 Dec 2006)
New Revision: 5057

Modified:
   data/CVE/list
Log:
Drupal <not-affected>

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-12-03 22:17:22 UTC (rev 5056)
+++ data/CVE/list	2006-12-03 22:27:35 UTC (rev 5057)
@@ -1492,11 +1492,11 @@
 CVE-2006-5478 (Multiple stack-based buffer overflows in Novell eDirectory 8.8.x ...)
 	NOT-FOR-US: Novell eDirectory
 CVE-2006-5477 (Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form ...)
-	- drupal <unfixed> (low)
+	- drupal <not-affected> (Our version of drupal is too old)
 CVE-2006-5476 (Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before ...)
-	- drupal <unfixed> (low)
+	- drupal <not-affected> (Our version of drupal is too old)
 CVE-2006-5475 (Multiple cross-site scripting (XSS) vulnerabilities in the XML parser ...)
-	- drupal <unfixed> (low)
+	- drupal <not-affected> (Our version of drupal is too old)
 CVE-2006-5474 (The &quot;forgot password&quot; function in OneOrZero Helpdesk before 1.6.5.4 ...)
 	NOT-FOR-US: OneOrZero Helpdesk
 CVE-2006-5473 (** DISPUTED ** ...)


