[Secure-testing-commits] r5437 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sun Feb 11 19:56:26 UTC 2007


Author: stef-guest
Date: 2007-02-11 20:56:23 +0100 (Sun, 11 Feb 2007)
New Revision: 5437

Modified:
   data/CVE/list
Log:
- new Firefox-sage XSS
- new php issues
- CVE-2007-0175 affects b2evolution (low)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-11 18:53:29 UTC (rev 5436)
+++ data/CVE/list	2007-02-11 19:56:23 UTC (rev 5437)
@@ -1,3 +1,10 @@
+CVE-2007-XXXX [Firefox-sage XSS]
+	- firefox-sage <unfixed>
+	NOTE: http://secunia.com/advisories/24086/
+	NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer
+CVE-2007-XXXX [php: multiple issues fixed in php 5.2.1]
+	- php4 <unfixed>
+	- php5 <unfixed> (bug filed)
 CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki]
 	- ikiwiki 1.42
 CVE-2007-0858
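Review bot: The new php entry carries no NOTE with a reference, so a reader cannot tell which issues "multiple issues fixed in php 5.2.1" covers; the firefox-sage entry just above it does link its advisory. Add a NOTE pointing at the upstream source for the php entry. The `- php4 <unfixed>` line also lacks the "(bug filed)" annotation that the php5 line has, so it is unclear whether a bug exists for php4. For firefox-sage, the NOTE says the Debian version "might not" be affected; once the maintainer answers, the `<unfixed>` status should be revisited rather than left next to an open question.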
@@ -1433,6 +1440,7 @@
 	NOTE: libgtop does not contain the affected code.
 CVE-2007-0234
 	REJECTED
+	NOTE: Duplicate of CVE-2007-0243
 CVE-2007-0233 (wp-trackback.php in WordPress 2.0.6 and earlier does not properly ...)
 	- wordpress 2.1.0-1 (unimportant)
 	NOTE: This is argubly a php bug, CVE-2006-3017
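Review bot: The added NOTE under CVE-2007-0234 points to CVE-2007-0243, and the two ids differ only by transposed digits, so this is worth a second look against the rejection notice. The entry for CVE-2007-0243 is not in this hunk; confirm it exists in the list and carries the package status, since the REJECTED entry now defers to it.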
@@ -1630,7 +1638,7 @@
 	- gforge 4.5.14-20 (low; bug #406244)
 	[sarge] - gforge <not-affected> (Vulnerable code not present)
 CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
-	- b2evolution <not-affected>
+	- b2evolution <unfixed> (bug filed; low)
 CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
 	NOT-FOR-US: Sina UC2006
 CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)
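Review bot: The b2evolution line for CVE-2007-0175 flips from `<not-affected>` to `<unfixed> (bug filed; low)` without recording why the earlier assessment was wrong or which bug was filed. The gforge entry in the same hunk uses the form "(low; bug #406244)"; follow that form here once the bug number is known, and add a NOTE stating why the package is affected so the reversal can be checked later.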



