[Secure-testing-commits] r5509 - data/CVE

Micah Anderson micah at alioth.debian.org
Sun Mar 4 22:48:10 CET 2007 

Author: micah
Date: 2007-03-04 21:48:07 +0000 (Sun, 04 Mar 2007)
New Revision: 5509

Modified:
   data/CVE/list
Log:
mediawiki fix and NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-03-04 20:14:16 UTC (rev 5508)
+++ data/CVE/list	2007-03-04 21:48:07 UTC (rev 5509)
@@ -219,9 +219,9 @@
 CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user ...)
 	NOT-FOR-US: VMware
 CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
-	TODO: check
+	- mediawiki 1.7.1-9 (bug #406238; medium)
 CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
-	TODO: check
+	- mediawiki 1.7.1-9 (bug #406238; medium)
 CVE-2007-1053 (** DISPUTED ** ...)
 	NOT-FOR-US: phpXmms
 CVE-2007-1052 (** DISPUTED ** ...)
@@ -295,7 +295,7 @@
 CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass ...)
 	NOT-FOR-US: SmartSiteCMS
 CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod ...)
-	TODO: check
+	NOT-FOR-US: Opentools Attachment Mod
 CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...)
 	NOT-FOR-US: GeoClassifieds Enterprise
 CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision ...)
@@ -399,7 +399,7 @@
 CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and ...)
 	NOT-FOR-US: HP Tru64 UNIX
 CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP ...)
-	TODO: check
+	NOT-FOR-US: QwikMail SMTP
 CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a ...)
 	NOT-FOR-US: SonicWALL
 CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of ...)
@@ -4075,7 +4075,7 @@
 CVE-2006-6491
 	REJECTED
 CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue ...)
-	TODO: check
+	NOT-FOR-US: SupportSoft ActiveX
 CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for ...)
 	NOT-FOR-US: SISCO OSI stack
 CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...)

More information about the Secure-testing-commits mailing list