[Secure-testing-commits] r5656 - data/CVE
Florian Weimer
fw at alioth.debian.org
Mon Apr 16 12:55:09 UTC 2007
Author: fw
Date: 2007-04-16 12:55:06 +0000 (Mon, 16 Apr 2007)
New Revision: 5656
Modified:
data/CVE/list
Log:
CVE-2007-1483, CVE-2007-1343: webcalendar fixed
(CVE-2006-6669 is still open according to the maintainer.)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-04-15 09:51:47 UTC (rev 5655)
+++ data/CVE/list 2007-04-16 12:55:06 UTC (rev 5656)
@@ -1113,8 +1113,7 @@
- php5 <unfixed> (medium)
NOTE: local malicious scripts only, but allows arbitrary process memory access
CVE-2007-1483 (Multiple PHP remote file inclusion vulnerabilities in WebCalendar ...)
- - webcalendar <unfixed> (high)
- NOTE: Requested removal from the archive
+ - webcalendar 1.0.5-1 (high)
CVE-2007-1482 (Cross-site scripting (XSS) vulnerability in index.php in WBBlog allows ...)
NOT-FOR-US: WBBlog
CVE-2007-1481 (SQL injection vulnerability in index.php in WBBlog allows remote ...)
@@ -1440,7 +1439,7 @@
NOT-FOR-US: Ezstream
CVE-2007-1343 (includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does ...)
{DSA-1267-1}
- - webcalendar <unfixed> (high)
+ - webcalendar 1.0.5-1 (high)
CVE-2007-1342 (Cross-site scripting (XSS) vulnerability in admincp/index.php in ...)
NOT-FOR-US: vBulletin
CVE-2007-1341 (include/auth/auth.php in Simple Invoices before 2007 03 05 does not ...)
More information about the Secure-testing-commits
mailing list