[Secure-testing-commits] r5964 - data/CVE

fw at alioth.debian.org fw at alioth.debian.org
Sat Jun 2 07:41:10 UTC 2007


Author: fw
Date: 2007-06-02 07:41:09 +0000 (Sat, 02 Jun 2007)
New Revision: 5964

Modified:
   data/CVE/list
Log:
CVE-2007-2865: phppgadmin
CVE-2007-2844: php5 fixed
CVE-2007-2829, CVE-2007-2830, CVE-2007-2831: madwifi-source
CVE-2007-2821: wordpress fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-02 07:04:50 UTC (rev 5963)
+++ data/CVE/list	2007-06-02 07:41:09 UTC (rev 5964)
@@ -218,7 +218,7 @@
 CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
 	TODO: check
 CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...)
-	TODO: check
+	- phppgadmin <unfixed> (low; bug #427151)
 CVE-2007-2864
 	RESERVED
 CVE-2007-2863
@@ -260,9 +260,11 @@
 CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...)
 	TODO: check
 CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...)
-	TODO: check
+	- php5 5.2.2-1 (low)
+	- php4 <unfixed> (low)
 CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...)
 	TODO: check
+	NOTE: Does not seem to work with Konqueror.
 CVE-2007-2842
 	RESERVED
 CVE-2007-2841
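Review bot: the added `- php4 <unfixed> (low)` line under CVE-2007-2844 has no bug reference, unlike the phppgadmin entry in the first hunk (`bug #427151`), and the log message only says "php5 fixed". Please add the bug number for php4 once one exists and mention php4 in the log. Separately, the NOTE added under CVE-2007-2843 sits below a `TODO: check` that is left in place. If the entry is still open on purpose, the note would be more useful if it said which Konqueror version was tested and what remains to be checked.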
@@ -286,11 +288,11 @@
 CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...)
 	TODO: check
 CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...)
-	TODO: check
+	- madwifi-source <unfixed> (high)
 CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...)
-	TODO: check
+	- madwifi-source <unfixed> (medium)
 CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...)
-	TODO: check
+	- madwifi-source <unfixed> (medium)
 CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
 	TODO: check
 CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)
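Review bot: all three `- madwifi-source <unfixed>` lines (CVE-2007-2829, CVE-2007-2830, CVE-2007-2831) are recorded without a bug reference, including the one rated high, while the phppgadmin entry in the first hunk carries `bug #427151`. The CVE-2007-2830 description names "MadWifi before 0.9.3.1", so an upstream fix exists to point the maintainer at. Suggest filing one bug covering the three ids and adding it to each line in the same `(urgency; bug #...)` form.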
@@ -306,7 +308,7 @@
 CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...)
 	TODO: check
 CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...)
-	TODO: check
+	- wordpress 2.2-1 (high)
 CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...)
 	TODO: check
 CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ ...)



