[Secure-testing-commits] r5453 - data/CVE
Kees Cook
keescook-guest at alioth.debian.org
Tue Feb 13 21:56:36 UTC 2007
Author: keescook-guest
Date: 2007-02-13 22:56:33 +0100 (Tue, 13 Feb 2007)
New Revision: 5453
Modified:
data/CVE/list
Log:
kolabd & iceweasel not-affected, amarok medium
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-13 20:14:09 UTC (rev 5452)
+++ data/CVE/list 2007-02-13 21:56:33 UTC (rev 5453)
@@ -89,7 +89,7 @@
CVE-2006-6993 (Multiple SQL injection vulnerabilities in pages/addcomment2.php in ...)
TODO: check
CVE-2005-4828 (Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large ...)
- TODO: check
+ - kolabd <not-affected> (Only vulnerable in 2.0-2.1; not packaged Debian)
CVE-2007-XXXX [dokuwiki conf directory accessible by web users]
- dokuwiki 0.0.20061106-3 (bug #410557)
CVE-2007-0870 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...)
@@ -340,7 +340,7 @@
CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...)
TODO: check
CVE-2006-6979 (The ruby handlers in Amarok do not properly quote text in certain ...)
- TODO: check
+ - amarok <unfixed> (bug #410850; medium)
CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar ...)
NOT-FOR-US: FCKEditor
CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar ...)
@@ -356,7 +356,7 @@
CVE-2006-6972 (SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows ...)
NOT-FOR-US: BtitTracker
CVE-2006-6971 (Mozilla Firefox 2.0, possibly only when running on Windows, allows ...)
- TODO: check
+ - iceweasel <not-affected> (Windows only)
CVE-2006-6970 (Opera 9.10 Final allows remote attackers to bypass the Fraud ...)
TODO: check
CVE-2006-6969 (Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 ...)
More information about the Secure-testing-commits
mailing list