[Secure-testing-commits] r5879 - data/CVE

keescook-guest at alioth.debian.org
Fri May 18 18:43:17 UTC 2007


Author: keescook-guest
Date: 2007-05-18 18:43:16 +0000 (Fri, 18 May 2007)
New Revision: 5879

Modified:
   data/CVE/list
Log:
NFUs: 3, unfixed: mutt wordpress, fixed: moin squirrelmail


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-18 16:16:41 UTC (rev 5878)
+++ data/CVE/list	2007-05-18 18:43:16 UTC (rev 5879)
@@ -71,7 +71,7 @@
 CVE-2007-2684
 	RESERVED
 CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...)
-	TODO: check
+	- mutt <unfixed> (low)
 CVE-2007-2682
 	RESERVED
 CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
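Review bot: On the CVE-2007-2683 entry, `- mutt <unfixed> (low)` does not record which versions were checked, while the description names only Mutt 1.4.2. Suggest adding a `NOTE:` line stating whether the packaged version was confirmed affected, so the next triager does not have to repeat the check.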
@@ -79,7 +79,7 @@
 CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...)
 	NOT-FOR-US: Canon
 CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...)
-	TODO: check
+	NOT-FOR-US: Simple PHP Scripts
 CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in Netsprint ...)
 	NOT-FOR-US: Netsprint
 CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess ...)
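Review bot: On CVE-2007-2679, the label `NOT-FOR-US: Simple PHP Scripts` does not match any name in the visible description, which identifies the software as "Ivan Peevski gallery". The next entry labels itself with the name its description uses (Netsprint); suggest doing the same here, or adding the gallery name alongside, so a search for the product finds this entry.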
@@ -163,7 +163,7 @@
 CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass authentication and ...)
 	NOT-FOR-US: eFileCabinet
 CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...)
-	TODO: check
+	- moin 1.5.7-2 (low)
 CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote ...)
 	NOT-FOR-US: phpTodo
 CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows remote ...)
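Review bot: On CVE-2007-2637, the fixed version `1.5.7-2` cannot be checked against the description, which bounds the issue by date ("MoinMoin before 20070507") rather than by release number. Suggest a `NOTE:` line recording where the fix in 1.5.7-2 comes from (changelog entry or upstream change), so the mapping can be verified later.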
@@ -183,7 +183,7 @@
 CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...)
 	NOT-FOR-US: PHPSecurityAdmin
 CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, ...)
-	TODO: check
+	- wordpress <unfixed> (low)
 CVE-2007-2626 (** DISPUTED ** ...)
 	NOT-FOR-US: SchoolBoard
 CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...)
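Review bot: On CVE-2007-2627, `- wordpress <unfixed> (low)` carries no bug reference, so nothing ties the tracker entry to a report against the package. Suggest filing a bug for the sidebar.php XSS and adding its number to this line.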
@@ -203,7 +203,7 @@
 CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows ...)
 	NOT-FOR-US: Drake CMS
 CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE ...)
 	NOT-FOR-US: Novell NetMail
 CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu ...)
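Review bot: On CVE-2007-2617, the label `NOT-FOR-US: Sun Solaris` names the operating system, while the description places the flaw in srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core. Suggest labelling it with that product name, as the Novell NetMail entry below does for its product, so the entry is not read as covering Solaris as a whole.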
@@ -219,7 +219,7 @@
 CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and ...)
 	NOT-FOR-US: OpenLD
 CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 ...)
-	TODO: check
+	NOT-FOR-US: gnuedu
 CVE-2007-2608 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: Miplex2
 CVE-2007-2607 (PHP remote file inclusion vulnerability in views/print/printbar.php in ...)
@@ -259,7 +259,7 @@
 CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, ...)
 	NOT-FOR-US: Nokia
 CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...)
-	TODO: check
+	- squirrelmail 2:1.4.10a-1 (low)
 CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...)
 	TODO: check
 CVE-2006-XXXX [PHP SOAP Extension HTTP Authentication Weak Nonce]