[Secure-testing-commits] r7658 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2007-12-19 13:11:26 +0000 (Wed, 19 Dec 2007)
New Revision: 7658

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-6390 does not affect s9y
new issue: gnome-screensaver (CVE-2007-6389)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-19 12:40:28 UTC (rev 7657)
+++ data/CVE/list	2007-12-19 13:11:26 UTC (rev 7658)
@@ -57,53 +57,53 @@
 CVE-2007-6413 (Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2007-6412 (Direct static code injection vulnerability in wiki/index.php in ...)
-	TODO: check
+	NOT-FOR-US: Bitweaver
 CVE-2007-6411 (Multiple buffer overflows in the HandleEmotsConfig function in the GG ...)
-	TODO: check
+	NOT-FOR-US: Gadu-Gadu client
 CVE-2007-6410 (Gadu-Gadu does not properly perform protocol handling, which allows ...)
-	TODO: check
+	NOT-FOR-US: Gadu-Gadu client
 CVE-2007-6409 (The gg protocol handler in Gadu-Gadu, when this product is installed ...)
-	TODO: check
+	NOT-FOR-US: Gadu-Gadu client
 CVE-2007-6408 (IBM Tivoli Provisioning Manager Express provides unspecified ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Provisioning Manager Express 
 CVE-2007-6407 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli Provisioning Manager Express 
 CVE-2007-6406 (Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly ...)
-	TODO: check
+	NOT-FOR-US: CA eTrust Threat Management Console
 CVE-2007-6405 (Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows ...)
-	TODO: check
+	NOT-FOR-US: Simple HTTPD
 CVE-2007-6404 (Directory traversal vulnerability in Sergey Lyubka Simple HTTPD ...)
-	TODO: check
+	NOT-FOR-US: Simple HTTPD
 CVE-2007-6403 (Stack-based buffer overflow in Nullsoft Winamp 5.32 allows ...)
-	TODO: check
+	NOT-FOR-US: Winamp
 CVE-2007-6402 (Stack-based buffer overflow in mplayerc.exe in Media Player Classic ...)
-	TODO: check
+	NOT-FOR-US: Media Player Classic
 CVE-2007-6401 (Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2007-6400 (Directory traversal vulnerability in download_file.php in PolDoc CMS ...)
-	TODO: check
+	NOT-FOR-US: PolDoc CMS
 CVE-2007-6399 (index.php in Flat PHP Board 1.2 and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: Flat PHP Board
 CVE-2007-6398 (Flat PHP Board 1.2 and earlier allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Flat PHP Board
 CVE-2007-6397 (Multiple directory traversal vulnerabilities in index.php in Flat PHP ...)
-	TODO: check
+	NOT-FOR-US: Flat PHP Board
 CVE-2007-6396 (Direct static code injection vulnerability in index.php in Flat PHP ...)
-	TODO: check
+	NOT-FOR-US: Flat PHP Board
 CVE-2007-6395 (Flat PHP Board 1.2 and earlier stores sensitive information under the ...)
-	TODO: check
+	NOT-FOR-US: Flat PHP Board
 CVE-2007-6394 (SQL injection vulnerability in index.php in Content Injector 1.53 ...)
-	TODO: check
+	NOT-FOR-US: Content Injector
 CVE-2007-6393 (SQL injection vulnerability in albums.php in Ace Image Hosting Script ...)
-	TODO: check
+	NOT-FOR-US: Ace Image Hosting Script
 CVE-2007-6392 (SQL injection vulnerability in DWdirectory 2.1 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: DWdirectory
 CVE-2007-6391 (SQL injection vulnerability in patch/comments.php in SH-News 3.0 ...)
-	TODO: check
+	NOT-FOR-US: SH-News
 CVE-2007-6390 (Cross-site request forgery (CSRF) vulnerability in the mycalendar ...)
-	TODO: check
+	- serendipity <not-affected> (This is an external plugin not included in our packages)
 CVE-2007-6389 (The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 ...)
-	TODO: check
+	- gnome-screensaver <unfixed> (low; bug #455484)
 CVE-2007-6388
 	RESERVED
 CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...)