[Secure-testing-commits] r6172 - data/CVE
stef-guest at alioth.debian.org
Wed Jul 25 21:11:53 UTC 2007
Author: stef-guest
Date: 2007-07-25 21:11:52 +0000 (Wed, 25 Jul 2007)
New Revision: 6172
Modified:
data/CVE/list
Log:
fixed: java
unfixed: ice*
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-25 20:53:35 UTC (rev 6171)
+++ data/CVE/list 2007-07-25 21:11:52 UTC (rev 6172)
@@ -371,27 +371,30 @@
CVE-2007-3699
RESERVED
CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...)
- TODO: check
+ - sun-java5 1.5.0-12-1
+ - sun-java6 6-02-1
+ [sarge] - sun-java5 <no-dsa> (non-free not supported)
+ [etch] - sun-java6 <no-dsa> (non-free not supported)
CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...)
- TODO: check
+ NOT-FOR-US: FlashBB
CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...)
- TODO: check
+ NOT-FOR-US: CA ERwin Data Model Validator
CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...)
- TODO: check
+ NOT-FOR-US: CA ERwin
CVE-2007-3694
RESERVED
CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...)
- TODO: check
+ NOT-FOR-US: gobi
CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...)
- TODO: check
+ NOT-FOR-US: EZFactory KDDI Download CGI
CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...)
- TODO: check
+ NOT-FOR-US: AV Tutorial
CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...)
- TODO: check
+ NOT-FOR-US: Forward module for Drupal
CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...)
- TODO: check
+ NOT-FOR-US: Print module for Drupal
CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...)
- TODO: check
+ NOT-FOR-US: DotClear
CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...)
TODO: check
CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...)
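Review bot: in the CVE-2007-3698 entry the release tags are split across the two packages, with [sarge] attached to sun-java5 and [etch] attached to sun-java6, so sun-java5 has no [etch] line and sun-java6 has no [sarge] line. Please confirm which release actually carries each package and tag accordingly, since a <no-dsa> line for a release that does not ship the package would misstate the tracker status. Minor: the NOT-FOR-US label for CVE-2007-3695 is just "CA ERwin" while its description names CA ERwin Process Modeler; using the product name, as done for CVE-2007-3696, keeps the labels searchable.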
@@ -1836,7 +1839,9 @@
- mozilla <removed> (low)
- xulrunner <unfixed> (low)
CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...)
- TODO: check
+ - iceweasel <unfixed>
+ - iceape <unfixed>
+ - xulrunner <unfixed>
CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
- iceweasel <not-affected> (Only affects Windows versions of Firefox)
CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...)
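Review bot: the three <unfixed> lines added for CVE-2007-3073 carry no urgency or note, unlike the "- xulrunner <unfixed> (low)" line in the entry just above. The next entry, CVE-2007-3072, is also a Firefox directory traversal and is marked <not-affected> as Windows-only; the truncated description of 3073 does not show the platform, so it is worth confirming that it applies to the Debian builds and recording an urgency before tracking iceweasel, iceape and xulrunner as unfixed.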
@@ -1948,21 +1953,21 @@
CVE-2007-3019
RESERVED
CVE-2007-3018 (activeWeb contentserver CMS before 5.6.2964 does not limit the ...)
- TODO: check
+ NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3017 (The WYSIWYG editor applet in activeWeb contentserver CMS before ...)
- TODO: check
+ NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3016
RESERVED
CVE-2007-3015
RESERVED
CVE-2007-3014 (Multiple cross-site scripting (XSS) vulnerabilities in activeWeb ...)
- TODO: check
+ NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3013 (SQL injection vulnerability in activeWeb contentserver before 5.6.2964 ...)
- TODO: check
+ NOT-FOR-US: activeWeb contentserver CMS
CVE-2007-3012 (The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch ...)
- TODO: check
+ NOT-FOR-US: Fujitsu-Siemens
CVE-2007-3011 (The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens ...)
- TODO: check
+ NOT-FOR-US: Fujitsu-Siemens
CVE-2007-3010
RESERVED
CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)
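Review bot: the NOT-FOR-US label for CVE-2007-3012 and CVE-2007-3011 is only the vendor name "Fujitsu-Siemens", while the description of CVE-2007-3012 names the PRIMERGY BX300 Switch web interface. Naming the product, as the "activeWeb contentserver CMS" lines in this hunk do, makes it clear what was ruled out and avoids the label matching other products from the same vendor later.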