[Secure-testing-commits] r5860 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Thu May 17 10:32:16 UTC 2007
Author: stef-guest
Date: 2007-05-17 10:32:14 +0000 (Thu, 17 May 2007)
New Revision: 5860
Modified:
data/CVE/list
Log:
CVE-2007-2645 new libexif issue
CVE-2007-269[1-3] new mysql issues
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-17 09:43:04 UTC (rev 5859)
+++ data/CVE/list 2007-05-17 10:32:14 UTC (rev 5860)
@@ -27,27 +27,33 @@
CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace application ...)
TODO: check
CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2700 (The WLST script generated by the configToScript command in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2699 (The Administration Console in BEA WebLogic Express and WebLogic Server ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2698 (The Administration Console in BEA WebLogic Server 9.0 may show ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2697 (The embedded LDAP server in BEA WebLogic Express and WebLogic Server ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2696 (The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2695 (The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2694 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2693 (MySQL before 5.1.18 allows remote authenticated users without SELECT ...)
- TODO: check
+ - mysql-dfsg-5.0 <unfixed> (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2692 (The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x ...)
- TODO: check
+ - mysql-dfsg-5.0 5.0.41-1 (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does ...)
- TODO: check
+ - mysql-dfsg-5.0 <unfixed> (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G, and M ...)
TODO: check
CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain ...)
@@ -139,7 +145,7 @@
CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted ...)
TODO: check
CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in ...)
- TODO: check
+ - libexif <unfixed> (bug #424775)
CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional ...)
TODO: check
CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow Designs ...)
More information about the Secure-testing-commits
mailing list