[Secure-testing-commits] r7040 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sat Oct 20 14:08:20 UTC 2007
Author: nion
Date: 2007-10-20 14:08:20 +0000 (Sat, 20 Oct 2007)
New Revision: 7040
Modified:
data/CVE/list
Log:
checked jspwiki vulnerabilities
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-20 13:11:18 UTC (rev 7039)
+++ data/CVE/list 2007-10-20 14:08:20 UTC (rev 7040)
@@ -1404,17 +1404,14 @@
CVE-2007-5122 (SQL injection vulnerability in store_info.php in SoftBiz Classifieds ...)
NOT-FOR-US: SoftBiz Classifieds PLUS
CVE-2007-5121 (Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta ...)
- - jspwiki <unfixed> (medium; bug #445477)
+ - jspwiki <not-affected> (The version we ship does not process a redirect parameter in Login.jsp and other source files)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
- TODO: check, if affected at all
CVE-2007-5120 (Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 ...)
- jspwiki <unfixed> (medium; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
- TODO: check, if affected at all
CVE-2007-5119 (JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain ...)
- jspwiki <unfixed> (medium; bug #445477)
[sarge] - jspwiki <no-dsa> (Contrib not supported)
- TODO: check, if affected at all
CVE-2007-5118 (Unspecified vulnerability in the HID (Human Interface Device) class ...)
NOT-FOR-US: Solaris
CVE-2007-5117 (Multiple PHP remote file inclusion vulnerabilities in FrontAccounting ...)
More information about the Secure-testing-commits
mailing list