[Secure-testing-commits] r5931 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Sat May 26 10:22:54 UTC 2007
Author: fw
Date: 2007-05-26 10:22:53 +0000 (Sat, 26 May 2007)
New Revision: 5931
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-26 10:19:08 UTC (rev 5930)
+++ data/CVE/list 2007-05-26 10:22:53 UTC (rev 5931)
@@ -137,13 +137,13 @@
CVE-2007-2739 (Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows ...)
- php-xajax <unfixed> (bug #426103; low)
CVE-2007-2738 (SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 ...)
- TODO: check
+ NOT-FOR-US: Glossaire for Xoops
CVE-2007-2737 (SQL injection vulnerability in index.php in the MyConference 1.0 ...)
- TODO: check
+ NOT-FOR-US: MyConference for Xoops
CVE-2007-2736 (PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 ...)
- TODO: check
+ NOT-FOR-US: Achievo
CVE-2007-2735 (SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 ...)
- TODO: check
+ NOT-FOR-US: ResManager for Xoops
CVE-2007-2734 (The 3Com TippingPoint IPS do not properly handle certain full-width ...)
NOT-FOR-US: TippingPoint IPS
CVE-2007-2733 (Unrestricted file upload vulnerability in Jetbox CMS allows remote ...)
@@ -174,15 +174,15 @@
CVE-2007-2721 (The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...)
- jasper <unfixed> (medium; bug #413033)
CVE-2007-2720 (Group-Office before 2.16-13 does not properly validate user IDs, which ...)
- TODO: check
+ NOT-FOR-US: Group-Office
CVE-2007-2719 (Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 ...)
- TODO: check
+ NOT-FOR-US: HP Systems Insight Manager
CVE-2007-2718 (Cross-site scripting (XSS) vulnerability in the WebMail system in ...)
- TODO: check
+ NOT-FOR-US: Stalker CommuniGate Pro
CVE-2007-2717 (SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 ...)
- TODO: check
+ NOT-FOR-US: iGeneric (iG) Shop
CVE-2007-2716 (Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c ...)
- TODO: check
+ NOT-FOR-US: EQdkp
CVE-2003-1329 (ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only ...)
TODO: check
CVE-2007-2715 (Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to ...)
@@ -254,13 +254,13 @@
CVE-2007-2686
RESERVED
CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 ...)
- TODO: check
+ NOT-FOR-US: Jetbox CMS
CVE-2007-2684 (Jetbox CMS 2.1 allows remote attackers to obtain sensitive information ...)
TODO: check
CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...)
- mutt <unfixed> (low)
CVE-2007-2682 (The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
TODO: check
CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...)
@@ -1973,7 +1973,7 @@
CVE-2007-1899
RESERVED
CVE-2007-1898 (formmail.php in Jetbox CMS 2.1 allows remote attackers to send ...)
- TODO: check
+ NOT-FOR-US: Jetbox CMS
CVE-2007-1897 (SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, ...)
{DSA-1285-1}
- wordpress 2.1.3-1 (medium)
More information about the Secure-testing-commits
mailing list