[Secure-testing-commits] r7598 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Dec 12 09:14:11 UTC 2007


Author: joeyh
Date: 2007-12-12 09:14:10 +0000 (Wed, 12 Dec 2007)
New Revision: 7598

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-12 03:28:02 UTC (rev 7597)
+++ data/CVE/list	2007-12-12 09:14:10 UTC (rev 7598)
@@ -1,3 +1,19 @@
+CVE-2007-6313
+	RESERVED
+CVE-2007-6312 (Cross-site scripting (XSS) vulnerability in the logon page in Web ...)
+	TODO: check
+CVE-2007-6311 (SQL injection vulnerability in (1) index.php, and possibly (2) ...)
+	TODO: check
+CVE-2007-6310 (Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme ...)
+	TODO: check
+CVE-2007-6309 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2007-6308 (Cross-site scripting (XSS) vulnerability in HttpLogger 0.8.1 allows ...)
+	TODO: check
+CVE-2007-6307 (Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php ...)
+	TODO: check
+CVE-2007-6306 (Multiple cross-site scripting (XSS) vulnerabilities in the image map ...)
+	TODO: check
 CVE-2007-6305 (Multiple unspecified vulnerabilities in IBM Hardware Management ...)
 	NOT-FOR-US: IBM Hardware Management Console
 CVE-2007-6302 (Unspecified vulnerability in Novell NetMail 3.5.2 before Messaging ...)
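Review bot: CVE-2007-6312 through CVE-2007-6306 at the top of this hunk all land as "TODO: check", so none of them carries a triage state yet. Each one needs resolving either to a package line or to a "NOT-FOR-US:" line like the one already under CVE-2007-6305. CVE-2007-6313 is correctly left as RESERVED, since it has no description to check.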
@@ -221,8 +237,7 @@
 CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x ...)
 	- linux-2.6 <unfixed>
 	NOTE: kernel-sec already tracks this
-CVE-2007-6205
-	RESERVED
+CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar ...)
 	- serendipity 1.2.1-1 (low)
 CVE-2007-6204
 	RESERVED
@@ -419,7 +434,7 @@
 CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 ...)
 	- htdig 1:3.2.0b6-4 (low; bug #453278)
 	[sarge] - htdig <not-affected> (Vulnerable code not present)
-CVE-2007-6109 (Buffer overflow in emacs allows attackers to have an unknown impact, ...)
+CVE-2007-6109 (Stack-based buffer overflow in emacs allows user-assisted attackers to ...)
 	{DTSA-98-1 DTSA-99-1}
 	- emacs22 22.1+1-2.2 (bug #455432)
 	- emacs21 21.4a+1-5.2 (bug #455433)
@@ -792,7 +807,8 @@
 CVE-2007-5969 (MySQL Community Server before 5.0.51, when a table relies on symlinks ...)
 	- mysql-dfsg-5.0 5.0.45-4 (low; bug #455010)
 	TODO: check mysql 4
-CVE-2007-5968 (MySQL 5.1.x before 5.1.23 might allow attackers to gain privileges via ...)
+CVE-2007-5968
+	REJECTED
 	- mysql-dfsg-5.0 <unfixed> (bug #455737)
 CVE-2007-5967
 	RESERVED
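Review bot: CVE-2007-5968 is switched to REJECTED here, but the package line "- mysql-dfsg-5.0 <unfixed> (bug #455737)" is left in place beneath it, so a rejected id still records mysql-dfsg-5.0 as unfixed. Either drop that line, or, if bug #455737 describes a real issue, move it under whichever id replaces this one and add a NOTE explaining the rejection.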
@@ -2535,7 +2551,7 @@
 	REJECTED
 CVE-2007-5498
 	RESERVED
-CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs allow ...)
+CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 ...)
 	{DSA-1422-1 DTSA-95-1}
 	- e2fsprogs <unfixed> (bug #454760)
 CVE-2007-5496
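Review bot: The new description for CVE-2007-5497 bounds the issue to e2fsprogs "before 1.40.3", while the package line below it still reads "- e2fsprogs <unfixed> (bug #454760)". Now that the description names a version boundary, it is worth checking whether a fixed Debian version can be recorded there instead of <unfixed>.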



