[Secure-testing-commits] r5224 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Mon Jan 8 21:02:14 CET 2007
Author: stef-guest
Date: 2007-01-08 21:02:11 +0100 (Mon, 08 Jan 2007)
New Revision: 5224
Modified:
data/CVE/list
Log:
- new centericq issue fixed
- wordpress fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-07 20:14:16 UTC (rev 5223)
+++ data/CVE/list 2007-01-08 20:02:11 UTC (rev 5224)
@@ -1,3 +1,6 @@
+CVE-2007-XXXX [CenterICQ buffer overflow]
+ - centericq 4.21.0-17
+ NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051663.html
CVE-2007-XXXX [drupal XSS]
- drupal 4.7.5-1 (low)
NOTE: DRUPAL-SA-2007-001
@@ -5,10 +8,10 @@
- drupal 4.7.5-1 (low)
NOTE: DRUPAL-SA-2007-002
CVE-2007-XXXX WordPress Trackback Charset Decoding SQL Injection Vulnerability
- - wordpress <unfixed> (medium)
+ - wordpress 2.0.6-1 (medium)
NOTE: http://www.hardened-php.net/advisory_022007.141.html
CVE-2007-XXXX WordPress CSRF Protection XSS Vulnerability
- - wordpress <unfixed> (medium)
+ - wordpress 2.0.6-1 (medium)
NOTE: http://www.hardened-php.net/advisory_012007.140.html
CVE-2007-0050 (** DISPUTED ** ...)
NOT-FOR-US: OpenPinboard
@@ -195,7 +198,7 @@
CVE-2006-6809 (Multiple PHP remote file inclusion vulnerabilities in process.php in ...)
NOT-FOR-US: buratinable templator (aka bubla)
CVE-2006-6808 (Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in ...)
- - wordpress <unfixed> (bug #405299)
+ - wordpress 2.0.6-1 (bug #405299)
CVE-2006-6807 (SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda ...)
NOT-FOR-US: Ananda Real Estate
CVE-2006-6806 (SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates ...)
More information about the Secure-testing-commits
mailing list