[Secure-testing-commits] r6152 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Thu Jul 19 07:53:05 UTC 2007
Author: jmm-guest
Date: 2007-07-19 07:53:04 +0000 (Thu, 19 Jul 2007)
New Revision: 6152
Modified:
data/CVE/list
Log:
new mozilla issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-18 22:08:52 UTC (rev 6151)
+++ data/CVE/list 2007-07-19 07:53:04 UTC (rev 6152)
@@ -47,16 +47,23 @@
RESERVED
CVE-2007-3739
RESERVED
-CVE-2007-3738
+CVE-2007-3738 [Firefox XPCNativeWrapper code injection]
RESERVED
-CVE-2007-3737
+ - iceweasel <unfixed> (medium)
+CVE-2007-3737 [Firefox insecure event handler code injection]
RESERVED
-CVE-2007-3736
+ - iceweasel <unfixed>
+CVE-2007-3736 [Firefox addEventListener() and setTimeout () same-origin bypass]
RESERVED
-CVE-2007-3735
+ - iceweasel <unfixed> (high)
+CVE-2007-3735 [memory corruption in layout engine]
RESERVED
-CVE-2007-3734
+ - iceweasel <unfixed> (high)
+ - icedove <unfixed> (high)
+CVE-2007-3734 [memory corruption in js engine]
RESERVED
+ - iceweasel <unfixed> (high)
+ - icedove <unfixed> (high)
CVE-2007-3733
RESERVED
CVE-2007-3732
@@ -186,7 +193,8 @@
CVE-2007-3671 (Unspecified vulnerability in the kernel in Microsoft Windows Vista has ...)
TODO: check
CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
- TODO: check
+ - iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
+ - icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
CVE-2007-3669 (Multiple unspecified vulnerabilities in the Innovasys DockStudioXP ...)
TODO: check
CVE-2007-3668 (Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia ...)
@@ -214,7 +222,7 @@
CVE-2007-3657 (** DISPUTED ** ...)
TODO: check
CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...)
- TODO: check
+ - iceweasel <unfixed> (medium)
CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE ...)
TODO: check
CVE-2007-3654
@@ -1085,11 +1093,11 @@
CVE-2007-3286
RESERVED
CVE-2007-3285 (Mozilla Firefox allows remote attackers to bypass file type checks via ...)
- - iceweasel <unfixed> (medium)
- - iceape <unfixed> (medium)
- - firefox <removed> (medium)
- - mozilla <removed> (medium)
- - xulrunner <unfixed> (medium)
+ - iceweasel <unfixed> (low)
+ - iceape <unfixed> (low)
+ - firefox <removed> (low)
+ - mozilla <removed> (low)
+ - xulrunner <unfixed> (low)
CVE-2007-3284 (corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows ...)
NOT-FOR-US: Apple Safari
CVE-2007-3283 (GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root ...)
More information about the Secure-testing-commits
mailing list