[Secure-testing-commits] r6974 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Mon Oct 15 22:45:24 UTC 2007


Author: nion
Date: 2007-10-15 22:45:24 +0000 (Mon, 15 Oct 2007)
New Revision: 6974

Modified:
   data/CVE/list
Log:
NFUs
new issue: CVE-2007-5448 madwifi-source
CVE-2007-5438 vmware-package not-affected


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-15 21:14:08 UTC (rev 6973)
+++ data/CVE/list	2007-10-15 22:45:24 UTC (rev 6974)
@@ -1,65 +1,66 @@
 CVE-2007-5459 (Cross-site scripting (XSS) vulnerability in the sidebar HTML page in ...)
-	TODO: check
+	NOT-FOR-US: MouseoverDictionary
 CVE-2007-5458 (SQL injection vulnerability in index.php in the newsletter module 1.0 ...)
-	TODO: check
+	NOT-FOR-US: KwsPHP
 CVE-2007-5457 (Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle ...)
-	TODO: check
+	NOT-FOR-US: Joomla! extension
 CVE-2007-5456 (Microsoft Internet Explorer 7 and earlier allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2007-5455 (Cross-site scripting (XSS) vulnerability in cgi-bin/wxis.exe in ...)
-	TODO: check
+	NOT-FOR-US: WWWISIS
 CVE-2007-5454 (Directory traversal vulnerability in index.php in PHP File Sharing ...)
-	TODO: check
+	NOT-FOR-US: PHP File Sharing
 CVE-2007-5453 (Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow ...)
-	TODO: check
+	NOT-FOR-US: Php-Stats
 CVE-2007-5452 (Multiple SQL injection vulnerabilities in php-stats.recjs.php in ...)
-	TODO: check
+	NOT-FOR-US: Php-Stats
 CVE-2007-5451 (PHP remote file inclusion vulnerability in admin.color.php in the ...)
-	TODO: check
+	NOT-FOR-US: Joomla! extension
 CVE-2007-5450 (Unspecified vulnerability in Safari on the Apple iPod touch (aka ...)
-	TODO: check
+	NOT-FOR-US: Apple firmware
 CVE-2007-5449 (SQL injection vulnerability in searchresult.php in Softbiz Recipes ...)
-	TODO: check
+	NOT-FOR-US: Softbiz Recipes Portal Script
 CVE-2007-5448 (Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial ...)
-	TODO: check
+	- madwifi-source <unfixed> (medium; bug #446824)
+	NOTE: this results in a kernel panic
 CVE-2007-5447 (ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP ...)
-	TODO: check
+	NOT-FOR-US: ionCube
 CVE-2007-5446 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
-	TODO: check
+	NOT-FOR-US: PBEmail
 CVE-2007-5445 (Buffer overflow in the DB Software Laboratory VImpX (VImpAX1) ActiveX ...)
-	TODO: check
+	NOT-FOR-US: VImpX
 CVE-2007-5444 (CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simpe
 CVE-2007-5443 (Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simpe
 CVE-2007-5442 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simpe
 CVE-2007-5441 (CMS Made Simple 1.1.3.1 does not check the permissions assigned to ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simpe
 CVE-2007-5440 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: Crs Manager
 CVE-2007-5439 (CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 ...)
-	TODO: check
+	NOT-FOR-US: eTrust ITM
 CVE-2007-5438 (Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL ...)
-	TODO: check
+	- vmware-package <not-affected> (Windows only)
 CVE-2007-5437 (The web console in CA (formerly Computer Associates) eTrust ITM ...)
-	TODO: check
+	NOT-FOR-US: eTrust ITM
 CVE-2007-5436 (Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL ...)
-	TODO: check
+	NOT-FOR-US: G DATA Antivirus
 CVE-2007-5435 (Unspecified vulnerability in CA ERwin Process Modeler (formerly ...)
-	TODO: check
+	NOT-FOR-US: CA ERwin Process Modeler
 CVE-2007-5434 (Cross-site scripting (XSS) vulnerability in PRO-search 0.17.1 and ...)
-	TODO: check
+	NOT-FOR-US: PRO-search
 CVE-2007-5433 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in ...)
-	TODO: check
+	NOT-FOR-US: Site-Up
 CVE-2007-5432 (Stride 1.0 has a default administrator username of &quot;scott&quot; with the ...)
-	TODO: check
+	NOT-FOR-US: Stride
 CVE-2007-5431 (include/imageupload.js in the MyFTPUploader module in Stride 1.0 ...)
-	TODO: check
+	NOT-FOR-US: Stride module
 CVE-2007-5430 (Multiple SQL injection vulnerabilities in Stride 1.0 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Stride
 CVE-2007-5429 (Cross-site scripting (XSS) vulnerability in index.php in Nucleus 3.01 ...)
-	TODO: check
+	NOT-FOR-US: Nucleus
 CVE-2007-5428 (Cross-site scripting (XSS) vulnerability in UMI CMS allows remote ...)
 	TODO: check
 CVE-2007-5427 (Cross-site scripting (XSS) vulnerability in the com_search component ...)




More information about the Secure-testing-commits mailing list