[Secure-testing-commits] r7425 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Wed Nov 28 12:19:50 UTC 2007


Author: white
Date: 2007-11-28 12:19:50 +0000 (Wed, 28 Nov 2007)
New Revision: 7425

Modified:
   data/CVE/list
Log:
NFUs; report all the php5 issues to the BTS

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-11-28 12:12:43 UTC (rev 7424)
+++ data/CVE/list	2007-11-28 12:19:50 UTC (rev 7425)
@@ -123,7 +123,7 @@
 CVE-2007-6061 (Audacity 1.3.2 creates a temporary directory with a predictable name ...)
 	- audacity <unfixed> (bug #453283)
 CVE-2007-6060 (AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a ...)
-	NOT-FOR-US: AhnLab Antivirus
+	NOT-FOR-US: AhnLab Antivirus 3 Internet Security 2008 Platinum
 CVE-2007-6059 (Javamail does not properly handle a series of invalid login attempts ...)
 	NOT-FOR-US: Javamail
 CVE-2007-6058 (Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 ...)
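
Review bot: the new NOT-FOR-US text on CVE-2007-6060 spells out a full product, edition and year, while the entries around it name only the vendor or product (`NOT-FOR-US: Javamail`, `NOT-FOR-US: Liferay Portal`). A string that specific is harder to match or grep when another CVE against the same vendor arrives. If the old `AhnLab Antivirus` was too ambiguous, a short product name without the edition and year would be enough.
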
@@ -135,7 +135,7 @@
 CVE-2007-6055 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...)
 	NOT-FOR-US: Liferay Portal
 CVE-2007-6054 (Cross-site scripting (XSS) vulnerability in the login page in the ...)
-	TODO: check
+	NOT-FOR-US: Aruba 800 Mobility Controller
 CVE-2007-6053 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large ...)
 	NOT-FOR-US: IBM DB2
 CVE-2007-6052 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector ...)
@@ -159,13 +159,13 @@
 CVE-2007-6043 (The CryptGenRandom function in Microsoft Windows 2000 generates ...)
 	NOT-FOR-US: Windows
 CVE-2007-6042 (PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft ...)
-	TODO: check
+	NOT-FOR-US: SWSoft Confixx Professional
 CVE-2007-6041 (Buffer overflow in the Sequencer::queueMessage function in ...)
-	TODO: check
+	NOT-FOR-US: Rigs of Rods (RoR)
 CVE-2007-6040 (The Belkin F5D7230-4 Wireless G Router allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Belkin F5D7230-4 Wireless G Router
 CVE-2007-6039 (PHP 5.2.5 and earlier allows context-dependent attackers to cause a ...)
-	TODO: check
+	- php5 <unfixed> (bug #453295)
 CVE-2007-6077 (The session fixation protection mechanism in cgi_process.rb in Rails ...)
 	- rails <unfixed> (low; bug #452748)
 CVE-2007-6111 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
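
Review bot: on the CVE-2007-6039 line, `(bug #453295)` is the same bug number used for CVE-2007-5900, CVE-2007-5899 and CVE-2007-5898 later in this patch, but the affected ranges differ. This entry reads "PHP 5.2.5 and earlier", the other three read "before 5.2.5". An upload of 5.2.5 would therefore resolve three of the four and leave the shared bug open. Consider a separate bug for CVE-2007-6039, or make sure the bug lists every CVE id so each entry can be marked fixed on its own. The entry also carries no urgency, unlike the adjacent `- rails <unfixed> (low; bug #452748)`.
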
@@ -549,11 +549,11 @@
 CVE-2007-5901
 	RESERVED
 CVE-2007-5900 (PHP before 5.2.5 allows local users to bypass protection mechanisms ...)
-	TODO: check
+	- php5 <unfixed> (bug #453295)
 CVE-2007-5899 (The output_add_rewrite_var function in PHP before 5.2.5 rewrites local ...)
-	TODO: check
+	- php5 <unfixed> (bug #453295)
 CVE-2007-5898 (The (1) htmlentities and (2) htmlspecialchars functions in PHP before ...)
-	TODO: check
+	- php5 <unfixed> (bug #453295)
 CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...)
 	NOT-FOR-US: Oracle
 CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...)
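
Review bot: the three php5 entries for CVE-2007-5900, CVE-2007-5899 and CVE-2007-5898 are added without an urgency, so they will be ranked the same even though the visible descriptions differ in kind (CVE-2007-5900 is a local protection-mechanism bypass). Each description says "before 5.2.5", so the fixing upstream version is already known. An urgency on each line, in the form used elsewhere in the file (`low; bug #...`), would keep triage consistent until a fixed version can replace `<unfixed>`.
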



