[Secure-testing-commits] r5278 - data/CVE
SALVETTI Djoumé
djoume-guest at alioth.debian.org
Tue Jan 16 22:17:50 CET 2007
Author: djoume-guest
Date: 2007-01-16 22:17:48 +0100 (Tue, 16 Jan 2007)
New Revision: 5278
Modified:
data/CVE/list
Log:
It's been a long time since my last commit!
neon26 remote DoS (medium)
gforge XSS (low)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-16 20:33:51 UTC (rev 5277)
+++ data/CVE/list 2007-01-16 21:17:48 UTC (rev 5278)
@@ -58,7 +58,7 @@
CVE-2007-0190 (PHP remote file inclusion vulnerability in edit_address.php in edit-x ...)
NOT-FOR-US: edit-x ecommerce
CVE-2007-0189 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: GeoBB
CVE-2007-0188 (F5 FirePass 5.4 through 5.5.1 does not properly enforce host access ...)
NOT-FOR-US: F5
CVE-2007-0187 (F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to ...)
@@ -85,7 +85,7 @@
- mediawiki 1.7.1-6 (bug #406238; medium)
NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php ...)
- TODO: check
+ - gforge <unfixed> (low; bug #406244)
CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
- b2evolution <not-affected>
CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
@@ -129,7 +129,8 @@
CVE-2007-0158
RESERVED
CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser for ...)
- TODO: check
+ - neon26 0.26.2-3.1 (medium; bug #404723)
+ NOTE: neon25 doesn't have the uri_lookup macro
CVE-2007-0156 (M-Core stores the database under the web document root, which allows ...)
NOT-FOR-US: M-Core
CVE-2007-0155 (HarikaOnline 2.0 stores sensitive information under the web root with ...)
More information about the Secure-testing-commits
mailing list