[Secure-testing-commits] r7260 - data/CVE
thijs at alioth.debian.org
thijs at alioth.debian.org
Fri Nov 9 22:04:14 UTC 2007
Author: thijs
Date: 2007-11-09 22:04:13 +0000 (Fri, 09 Nov 2007)
New Revision: 7260
Modified:
data/CVE/list
Log:
iceweasel: crashes not security problems
phpbb2: too old
some other too old NFU's
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-09 21:14:09 UTC (rev 7259)
+++ data/CVE/list 2007-11-09 22:04:13 UTC (rev 7260)
@@ -5,9 +5,10 @@
CVE-2007-5898
RESERVED
CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...)
- TODO: check
+ - iceweasel <unfixed> (unimportant)
+ NOTE: Browser crashes not treated as security problems
CVE-2007-5895
RESERVED
CVE-2007-5894
@@ -15,29 +16,29 @@
CVE-2006-7224 (Multiple integer overflows in Perl-Compatible Regular Expression ...)
TODO: check
CVE-2004-2748 (viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition ...)
- TODO: check
+ NOT-FOR-US: WebTrends Reporting Center
CVE-2004-2747 (Directory traversal vulnerability in Pablo Software Solutions Quick 'n ...)
- TODO: check
+ NOT-FOR-US: Quick 'n Easy FTP Server (Windows only)
CVE-2004-2746 (SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo ...)
- TODO: check
+ NOT-FOR-US: XTREME ASP Photo Gallery
CVE-2003-1536 (Multiple cross-site scripting (XSS) vulnerabilities in Codeworx ...)
- TODO: check
+ NOT-FOR-US: Codeworx Technologies DCP-Portal
CVE-2003-1535 (Justice Guestbook 1.3 allows remote attackers to obtain the full ...)
- TODO: check
+ NOT-FOR-US: Justice Guestbook
CVE-2003-1534 (Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice ...)
- TODO: check
+ NOT-FOR-US: Justice Guestbook
CVE-2003-1533 (SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows ...)
- TODO: check
+ NOT-FOR-US: PhpPass
CVE-2003-1532 (SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows ...)
- TODO: check
+ NOT-FOR-US: PhpMyShop
CVE-2003-1531 (Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi ...)
- TODO: check
+ NOT-FOR-US: Lilikoi Software Ceilidh
CVE-2003-1530 (SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier ...)
- TODO: check
+ - phpbb2 <not-affected> (Vulnerable versions too old to have been in Debian)
CVE-2003-1529 (Directory traversal vulnerability in Seagull Software Systems J Walk ...)
- TODO: check
+ NOT-FOR-US: Seagull Software Systems J Walk
CVE-2003-1528 (nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Fujitsu Siemens NetWorker
CVE-2007-5893 (HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote ...)
NOT-FOR-US: Sockets Library
CVE-2007-5892 (Stack-based buffer overflow in the pdg2.dll ActiveX control in ...)
More information about the Secure-testing-commits
mailing list