[Secure-testing-commits] r7075 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Tue Oct 23 15:01:21 UTC 2007


Author: nion
Date: 2007-10-23 15:01:20 +0000 (Tue, 23 Oct 2007)
New Revision: 7075

Modified:
   data/CVE/list
Log:
NFUs
new issue: CVE-2007-5598 drupal (low)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-23 14:38:30 UTC (rev 7074)
+++ data/CVE/list	2007-10-23 15:01:20 UTC (rev 7075)
@@ -42,13 +42,15 @@
 CVE-2007-5602
 	RESERVED
 CVE-2007-5601 (Stack-based buffer overflow in the Database Component in MPAMedia.dll ...)
-	TODO: check
+	NOT-FOR-US: RealPlayer (windows only issue)
 CVE-2007-5600 (Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 ...)
-	TODO: check
+	NOT-FOR-US: Artmedic CMS
 CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...)
-	TODO: check
+	NOT-FOR-US: awrate
 CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...)
-	TODO: check
+	- drupal5 <unfixed> (low; bug #447748)
+	- drupal4.7 <unfixed> (low; bug #447746)
+
 CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...)
 	- drupal5 5.3-1
 	- drupal 4.7.8-1




More information about the Secure-testing-commits mailing list