[Secure-testing-commits] r7623 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sat Dec 15 14:56:34 UTC 2007
Author: nion
Date: 2007-12-15 14:56:34 +0000 (Sat, 15 Dec 2007)
New Revision: 7623
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-15 09:14:09 UTC (rev 7622)
+++ data/CVE/list 2007-12-15 14:56:34 UTC (rev 7623)
@@ -33,17 +33,17 @@
CVE-2007-6348 [SquirrelMail package compromise]
- squirrelmail <not-affected> (Compromised packages were never in Debian)
CVE-2007-6347 (PHP remote file inclusion vulnerability in blocks/block_site_map.php ...)
- TODO: check
+ NOT-FOR-US: ViArt, CMS, HelpDesk, Shop Evaluation, Shop Free
CVE-2007-6346 (Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 ...)
- TODO: check
+ NOT-FOR-US: Rainboard
CVE-2007-6345 (SQL injection vulnerability in aurora framework before 20071208 allows ...)
- TODO: check
+ NOT-FOR-US: aurora
CVE-2007-6344 (Directory traversal vulnerability in modules/cms/index.php in Mcms ...)
- TODO: check
+ NOT-FOR-US: Mcms Easy Web Make
CVE-2007-6343 (Cross-site scripting (XSS) vulnerability in HP OpenView Network Node ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Network Node Manager
CVE-2007-6342 (SQL injection vulnerability in the David Castro AuthCAS module ...)
- TODO: check
+ NOT-FOR-US: Apache AuthCAS module
CVE-2007-6341
RESERVED
CVE-2007-6340
@@ -61,29 +61,29 @@
CVE-2007-6334
RESERVED
CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
- TODO: check
+ NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
- TODO: check
+ NOT-FOR-US: HP Info Center HP Quick Launch Buttons
CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ...)
- TODO: check
+ NOT-FOR-US: HP Info Center / HP Quick Launch Buttons
CVE-2007-6330 (Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames ...)
- TODO: check
+ NOT-FOR-US: Meridian Prolog Manager
CVE-2007-6329 (Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2007-6328 (** DISPUTED ** ...)
TODO: check
CVE-2007-6327 (Buffer overflow in a certain ActiveX control in Online Media ...)
- TODO: check
+ NOT-FOR-US: Online Media Technologies
CVE-2007-6326 (Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote ...)
- TODO: check
+ NOT-FOR-US: Simple HTTPD
CVE-2007-6325 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Fastpublish
CVE-2007-6324 (PHP remote file inclusion vulnerability in head.php in CityWriter ...)
- TODO: check
+ NOT-FOR-US: CityWriter
CVE-2007-6323 (Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 ...)
- TODO: check
+ NOT-FOR-US: MMS Gallery PHP
CVE-2007-6322 (Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 ...)
- TODO: check
+ NOT-FOR-US: xml2owl
CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does ...)
NOT-FOR-US: Feature (third party drupal module)
CVE-2007-6319
@@ -341,7 +341,7 @@
- serendipity 1.2.1-1 (low)
[etch] - serendipity <no-dsa> (Can only be exploited in rare conditions)
CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
- TODO: check
+ NOT-FOR-US: HP OpenView
CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...)
- apache2 2.2.6-3 (low)
[sarge] - apache2 <no-dsa> (minor issue)
More information about the Secure-testing-commits
mailing list