[Secure-testing-commits] r5694 - data/CVE

Florian Weimer fw at alioth.debian.org
Sat Apr 21 08:49:34 UTC 2007 

Author: fw
Date: 2007-04-21 08:49:32 +0000 (Sat, 21 Apr 2007)
New Revision: 5694

Modified:
   data/CVE/list
Log:
CVE-2007-1869, CVE-2007-1870: lighttpd fixed
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-04-21 08:41:10 UTC (rev 5693)
+++ data/CVE/list	2007-04-21 08:49:32 UTC (rev 5694)
@@ -280,7 +280,7 @@
 CVE-2007-1974 (SQL injection vulnerability in the getArticle function in ...)
 	NOT-FOR-US: Xoops modules
 CVE-2007-1973 (Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2007-1972
 	RESERVED
 CVE-2006-7194 (PHP remote file inclusion vulnerability in ...)
@@ -288,7 +288,7 @@
 CVE-2006-7193 (** DISPUTED ** ...)
 	NOT-FOR-US: disputed (SMARTY_DIR is a constant)
 CVE-2003-1325 (The SV_CheckForDuplicateNames function in Valve Software Half-Life ...)
-	TODO: check
+	NOT-FOR-US: Half-Life
 CVE-2007-XXXX [mydms SQL injection]
 	- mydms 1.4.4+1-5
 CVE-2007-1971 (SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi ...)
@@ -450,9 +450,9 @@
 CVE-2007-1893 (xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows ...)
 	- wordpress 2.1.3-1 (medium)
 CVE-2007-1892 (Stack-based buffer overflow in Akamai Technologies Download Manager ...)
-	TODO: check
+	NOT-FOR-US: Akamai
 CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW function ...)
-	TODO: check
+	NOT-FOR-US: Akamai
 CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...)
 	- php4 <unfixed> (unimportant)
 	- php5 <unfixed> (unimportant)
@@ -506,9 +506,9 @@
 CVE-2007-1871 (Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows ...)
 	NOT-FOR-US: chcounter
 CVE-2007-1870 (lighttpd before 1.4.14 allows attackers to cause a denial of service ...)
-	TODO: check
+	- lighttpd 1.4.15-1 (low)
 CVE-2007-1869 (lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial ...)
-	TODO: check
+	- lighttpd 1.4.15-1 (medium)
 CVE-2007-1868 (The management service in IBM Tivoli Provisioning Manager for OS ...)
 	NOT-FOR-US: IBM Tivoli Provisioning Manager
 CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute ...)

More information about the Secure-testing-commits mailing list