[Secure-testing-commits] r6229 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Sat Aug 4 11:20:06 UTC 2007
Author: fw
Date: 2007-08-04 11:20:05 +0000 (Sat, 04 Aug 2007)
New Revision: 6229
Modified:
data/CVE/list
Log:
CVE-2007-4048: phpsysinfo, phpgroupware-phpsysinfo, egroupware-phpsysinfo
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-04 10:51:52 UTC (rev 6228)
+++ data/CVE/list 2007-08-04 11:20:05 UTC (rev 6229)
@@ -145,7 +145,9 @@
CVE-2007-4049 (Cross-site scripting (XSS) vulnerability in the printenv.pl test CGI ...)
NOTE: Rediscovery / dupe of CVE-2000-1205
CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo ...)
- TODO: check
+ - phpsysinfo <unfixed> (low; bug #435935)
+ - phpgroupware-phpsysinfo <unfixed> (low; bug #435936)
+ - egroupware-phpsysinfo <unfixed> (low; bug #435937)
CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1) ...)
NOT-FOR-US: geoBlog
CVE-2007-4046 (SQL injection vulnerability in index.php in the Pony Gallery ...)
More information about the Secure-testing-commits
mailing list