[Secure-testing-commits] r6881 - data/CVE

[nion at alioth.debian.org]

Author: nion
Date: 2007-10-09 21:53:27 +0000 (Tue, 09 Oct 2007)
New Revision: 6881

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-5274, CVE-2007-5273 fixed in sun-java6/5 6-03-1/1.5.0-13-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-09 21:14:11 UTC (rev 6880)
+++ data/CVE/list	2007-10-09 21:53:27 UTC (rev 6881)
@@ -1,37 +1,42 @@
 CVE-2007-5288 (The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor ...)
-	TODO: check
+	NOT-FOR-US: Hitachi TPBroker
 CVE-2007-5287 (Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus Agent
 CVE-2007-5286 (The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-5285 (Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in ...)
-	TODO: check
+	NOT-FOR-US: Appfuse
 CVE-2007-5284 (Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 ...)
-	TODO: check
+	NOT-FOR-US: PowerArchiver
 CVE-2007-5283 (The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor ...)
-	TODO: check
+	NOT-FOR-US: Hitachi TPBroker
 CVE-2007-5282 (Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-5281 (The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-5280 (Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in ...)
-	TODO: check
+	NOT-FOR-US: Appfuse
 CVE-2007-5279 (Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 ...)
-	TODO: check
+	NOT-FOR-US: PowerArchiver
 CVE-2007-5278 (Zomplog 3.8.1 and earlier stores potentially sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Zomplog
 CVE-2007-5277 (Microsoft Internet Explorer 6 drops DNS pins based on failed ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2007-5276 (Opera 9 drops DNS pins based on failed connections to irrelevant TCP ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2007-5275 (The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause ...)
 	TODO: check
+	NOTE: not really clear if the whole 9.x series is affected
 CVE-2007-5274 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...)
-	TODO: check
+	- sun-java6 6-03-1 (low)
+	- sun-java5 1.5.0-13-1 (low)
+	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and ...)
-	TODO: check
+	- sun-java6 6-03-1 (low)
+	- sun-java5 1.5.0-13-1 (low)
+	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan Blog ...)
-	TODO: check
+	NOT-FOR-US: Furkan Tastan Blog
 CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS ...)
 	TODO: check
 CVE-2007-5270 (Unspecified vulnerability in the Boost module before 4.7.x-1.0, and ...)