[Secure-testing-commits] r6166 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Jul 24 21:14:08 UTC 2007


Author: joeyh
Date: 2007-07-24 21:14:07 +0000 (Tue, 24 Jul 2007)
New Revision: 6166

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-07-24 20:50:12 UTC (rev 6165)
+++ data/CVE/list	2007-07-24 21:14:07 UTC (rev 6166)
@@ -266,24 +266,29 @@
 CVE-2007-3739
 	RESERVED
 CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceape 1.1.3-1 (medium)
 	- xulrunner 1.8.1.5-1 (medium)
 	- iceweasel 2.0.0.5-1 (medium)
 CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceape 1.1.3-1 (high)
 	- xulrunner 1.8.1.5-1 (high)
 	- iceweasel 2.0.0.5-1 (high)
 CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceweasel 2.0.0.5-1 (high)
 	- iceape 1.1.3-1 (high)
 	- xulrunner 1.8.1.5-1 (high)
 CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceweasel 2.0.0.5-1 (high)
 	- icedove <unfixed> (low)
 	NOTE: Affects only broken setups, enabling js in Icedove is strongly not recommended
 	- iceape 1.1.3-1 (high)
 	- xulrunner 1.8.1.5-1 (high)
 CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceweasel 2.0.0.5-1 (high)
 	- icedove <unfixed> (high)
 	- iceape 1.1.3-1 (high)
@@ -305,6 +310,7 @@
 CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in ...)
 	TODO: check
 CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...)
+	{DTSA-43-1}
 	- clamav 0.91-1
 CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...)
 	TODO: check
@@ -446,6 +452,7 @@
 CVE-2007-3657 (** DISPUTED ** ...)
 	TODO: check
 CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceweasel 2.0.0.5-1 (high)
 	- iceape 1.1.3-1 (high)
 	- xulrunner 1.8.1.5-1 (high)
@@ -1698,10 +1705,10 @@
 CVE-2007-3124 (Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in ...)
 	NOT-FOR-US: FreeVMS
 CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
-	{DSA-1320-1}
+	{DSA-1320-1 DTSA-43-1}
 	- clamav 0.90.3-1
 CVE-2007-3122 (The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
-	{DSA-1320-1}
+	{DSA-1320-1 DTSA-43-1}
 	- clamav 0.90.3-1
 CVE-2007-3121 (Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the ...)
 	- zvbi 0.2.25-1 (bug #429221; unimportant)
@@ -1786,6 +1793,7 @@
 	- mozilla <removed> (medium)
 	- xulrunner <unfixed> (medium)
 CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write ...)
+	{DSA-1338-1 DSA-1337-1}
 	- iceweasel 2.0.0.5-1 (low)
 	- iceape 1.1.3-1 (low)
 	- xulrunner 1.8.1.5-1 (low)
@@ -1922,10 +1930,10 @@
 CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...)
 	- clamav <not-affected> (Solaris-specific bug)
 CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
-	{DSA-1320-1}
+	{DSA-1320-1 DTSA-43-1}
 	- clamav 0.90.3-1
 CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not ...)
-	{DSA-1320-1}
+	{DSA-1320-1 DTSA-43-1}
 	- clamav 0.90.3-1
 CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
 	NOT-FOR-US: Symantec
@@ -2801,7 +2809,7 @@
 CVE-2007-2651 (Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow ...)
 	NOT-FOR-US: VooDoo cIRCle
 CVE-2007-2650 (The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to ...)
-	{DSA-1320-1}
+	{DSA-1320-1 DTSA-43-1}
 	- clamav 0.90.2-1
 CVE-2007-2649 (Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for ...)
 	NOT-FOR-US: Speedport W 700v
@@ -6058,6 +6066,7 @@
 CVE-2007-1283
 	RESERVED
 CVE-2007-1282 (Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey ...)
+	{DSA-1336-1}
 	- icedove 1.5.0.10.dfsg1-1 (medium)
 CVE-2007-1281 (Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux ...)
 	NOT-FOR-US: Kaspersky AntiVirus Engine
@@ -6953,10 +6962,12 @@
 CVE-2007-0997
 	RESERVED
 CVE-2007-0996 (The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-02
 	- iceweasel 2.0.0.2+dfsg-1 (low)
 	- xulrunner 1.8.0.10-1 (low)
 CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-02
 	- iceweasel 2.0.0.2+dfsg-1 (low)
 	- iceape 1.0.8-1 (low)
@@ -6965,6 +6976,7 @@
 	[sarge] - mozilla-firefox <unfixed> (low)
 	[sarge] - mozilla <unfixed> (low)
 CVE-2007-0994 (A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x ...)
+	{DSA-1336-1}
 	- iceweasel 2.0.0.2+dfsg-2 (medium)
 CVE-2007-0993
 	REJECTED
@@ -6995,6 +7007,7 @@
 CVE-2007-0982 (Cross-site scripting (XSS) vulnerability in error.php in TaskFreak! ...)
 	NOT-FOR-US: TaskFreak!
 CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-07
 	- iceweasel 2.0.0.1+dfsg-3 (bug #411192; high)
 	- xulrunner 1.8.0.10-1 (high)
@@ -7572,6 +7585,7 @@
 	[sarge] - mozilla-firefox <not-affected> (introduced in firefox 1.5)
 	[sarge] - mozilla <not-affected> (introduced in firefox 1.5)
 CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-03
 	- iceweasel 2.0.0.2+dfsg-1 (low)
 	- iceape 1.0.8-1 (low)
@@ -7597,6 +7611,7 @@
 	[sarge] - mozilla-thunderbird <not-affected> (Only affected Firefox 2.0 et al)
 	[sarge] - mozilla <not-affected> (Only affected Firefox 2.0 et al)
 CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-01
 	- iceweasel 2.0.0.2+dfsg-1 (high)
 	- iceape 1.0.8-1 (high)
@@ -9530,6 +9545,7 @@
 CVE-2007-0046 (Double free vulnerability in the Adobe Acrobat Reader Plugin before ...)
 	NOT-FOR-US: Adobe Acrobat Reader Plugin
 CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat ...)
+	{DSA-1336-1}
 	NOT-FOR-US: Adobe Acrobat Reader Plugin
 	NOTE: a fix for this is also in iceweasle 2.0.0.2+dfsg-1 (MFSA-2007-02)
 	NOTE: and icape 1.0.8-1
@@ -10053,6 +10069,7 @@
 	{DSA-1256-1}
 	- gtk+2.0 2.8.20-5
 CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-06
 	- iceweasel 2.0.0.2+dfsg-1 (low)
 	- iceape 1.0.8-1 (low)
@@ -10062,6 +10079,7 @@
 	[sarge] - mozilla <unfixed> (high)
 	- firefox <removed> (high)
 CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Security ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-06
 	- iceweasel 2.0.0.2+dfsg-1 (low)
 	- iceape 1.0.8-1 (low)
@@ -11428,6 +11446,7 @@
 CVE-2006-6078 (PHP remote file inclusion vulnerability in common.inc.php in a-ConMan ...)
 	NOT-FOR-US: a-ConMan
 CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and ...)
+	{DSA-1336-1}
 	NOTE: MFSA-2007-02
 	- iceweasel 2.0.0.2+dfsg-1 (high; bug #409220)
 	- iceape 1.0.8-1 (high)




More information about the Secure-testing-commits mailing list