[Secure-testing-commits] r6267 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Thu Aug 9 22:16:33 UTC 2007
Author: jmm-guest
Date: 2007-08-09 22:16:32 +0000 (Thu, 09 Aug 2007)
New Revision: 6267
Modified:
data/CVE/list
Log:
samba not-affected
fix epoch
mark squirrelmail duplicate
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-09 21:49:31 UTC (rev 6266)
+++ data/CVE/list 2007-08-09 22:16:32 UTC (rev 6267)
@@ -618,11 +618,9 @@
CVE-2007-3963 (Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, ...)
NOT-FOR-US: UseBB
CVE-2007-3962 (Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 ...)
- NOT-FOR-US: fsplib
- NOTE: vulnerable code not present in fsp
+ NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
CVE-2007-3961 (Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib ...)
- NOT-FOR-US: fsplib
- NOTE: vulnerable code not present in fsp
+ NOT-FOR-US: fsplib, vulnerable code not present in lib.c from fsp source package
CVE-2007-3960 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere
CVE-2007-3959 (The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier ...)
@@ -3712,8 +3710,7 @@
CVE-2007-2632 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User ...)
NOT-FOR-US: phpMUR
CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...)
- - squirrelmail 2:1.4.10a-1 (low)
- NOTE: this is likely a duplicate of CVE-2007-2589
+ NOTE: Duplicate of CVE-2007-2589
CVE-2007-2630 (Incomplete blacklist vulnerability in ...)
NOT-FOR-US: ActiveCampaign products
CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...)
@@ -4145,7 +4142,7 @@
CVE-2007-2439 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...)
NOT-FOR-US: Caucho Resin Professional
CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, ...)
- - vim 7.1-022+1 (bug #435401; medium)
+ - vim 1:7.1-022+1 (bug #435401; medium)
TODO: File bug
NOTE: Exploitable through modelines.
CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...)
@@ -4223,7 +4220,7 @@
CVE-2007-2408 (WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly ...)
TODO: check
CVE-2007-2407 (The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows ...)
- TODO: check
+ - samba <not-affected> (MacOS/Apple-specific vulnerability)
CVE-2007-2406 (Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a ...)
TODO: check
CVE-2007-2405 (Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 ...)
More information about the Secure-testing-commits
mailing list