[Secure-testing-commits] r7351 - data/CVE
nion at alioth.debian.org
Sun Nov 18 17:01:41 UTC 2007
Author: nion
Date: 2007-11-18 17:01:41 +0000 (Sun, 18 Nov 2007)
New Revision: 7351
Modified:
data/CVE/list
Log:
CVE-2007-6000 is unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-18 13:51:14 UTC (rev 7350)
+++ data/CVE/list 2007-11-18 17:01:41 UTC (rev 7351)
@@ -21,11 +21,12 @@
CVE-2007-6001 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- bandersnatch <unfixed> (low; bug #435709)
CVE-2007-6000 (KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a ...)
- TODO: check
+ - kdebase <unfixed> (unimportant; bug #451794)
NOTE: not reproducible with 4:3.5.8.dfsg.1-1, poked maintainer
- NOTE: on etch it seems konqueror only treats the cookie value until some special length
+ NOTE: it seems konqueror only treats the cookie value until some special length
NOTE: as cookie, after this length it will open the rest as site content. This eats alot
- NOTE: ram and cpu but depending on how much ram the system has, konqueror does not crash.
+ NOTE: ram and cpu but depending on how much ram the system has, konqueror will die after
+ NOTE: no memory is left, not treated as security problem.
CVE-2007-5999 (SQL injection vulnerability in product_desc.php in Softbiz Auctions ...)
NOT-FOR-US: Softbiz
CVE-2007-5998 (SQL injection vulnerability in ads.php in Softbiz Ad Management plus ...)
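Review bot: The reworded NOTE for CVE-2007-6000 drops the "on etch" qualifier while the unchanged NOTE above it still says "not reproducible with 4:3.5.8.dfsg.1-1", so the entry no longer records which version the cookie-length behaviour was observed on, and "kdebase <unfixed>" now reads as covering every version. Suggest keeping the release or version the observation was made on. The last two added NOTE lines also run the description into the rationale ("konqueror will die after" / "no memory is left, not treated as security problem"); putting the reason for "unimportant" in its own NOTE sentence would make the triage decision easier to follow.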