[Secure-testing-commits] r5460 - data/CVE
Kees Cook
keescook-guest at alioth.debian.org
Thu Feb 15 01:51:08 UTC 2007
Author: keescook-guest
Date: 2007-02-15 02:51:05 +0100 (Thu, 15 Feb 2007)
New Revision: 5460
Modified:
data/CVE/list
Log:
NFUs, php5 & iceweasel open, ejabberd & firefox-sage fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-14 08:14:14 UTC (rev 5459)
+++ data/CVE/list 2007-02-15 01:51:05 UTC (rev 5460)
@@ -1,29 +1,29 @@
CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...)
- TODO: check
+ NOT-FOR-US: JPortal
CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0910 (Unspecified vulnerability PHP before 5.2.1 allows attackers to ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1 might allow ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0908 (The wddx extension in PHP before 5.2.1 allows remote attackers to ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0906 (Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0904 (SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows ...)
- TODO: check
+ NOT-FOR-US: LightRO CMS
CVE-2007-0903 (Unspecified vulnerability in the mod_roster_odbc module in ejabberd ...)
- TODO: check
+ - ejabberd 1.1.2-5
CVE-2007-0902 (Unspecified vulnerability in the "Show debugging information" feature ...)
TODO: check
CVE-2007-0901 (Multiple cross-site scripting (XSS) vulnerabilities in Info pages in ...)
TODO: check
CVE-2007-0900 (Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard ...)
- TODO: check
+ NOT-FOR-US: TagIt! Tagboard
CVE-2007-0899
RESERVED
CVE-2007-0898
@@ -31,7 +31,7 @@
CVE-2007-0897
RESERVED
CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before ...)
- TODO: check
+ - firefox-sage 1.3.10-1
CVE-2007-0451
RESERVED
- spamassassin 3.1.8 (bug #410843)
@@ -300,11 +300,11 @@
CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote ...)
- stlport5 <unfixed> (bug #410864; low)
CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...)
- TODO: check
+ - iceweasel <unfixed> (low)
CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...)
- TODO: check
+ - iceweasel <unfixed> (low)
CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...)
- TODO: check
+ - iceweasel <unfixed> (medium)
CVE-2007-0799 (SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 ...)
NOT-FOR-US: Ublog Reload
CVE-2007-0798 (Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload ...)
More information about the Secure-testing-commits
mailing list