[Secure-testing-commits] r6608 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Fri Sep 14 12:03:42 UTC 2007


Author: nion
Date: 2007-09-14 12:03:41 +0000 (Fri, 14 Sep 2007)
New Revision: 6608

Modified:
   data/CVE/list
Log:
CVE-2007-4849,CVE-2007-4840,CVE-2007-4828 maintainer informed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-09-13 22:01:40 UTC (rev 6607)
+++ data/CVE/list	2007-09-14 12:03:41 UTC (rev 6608)
@@ -1,7 +1,8 @@
 CVE-2007-4850
 	RESERVED
 CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 <unfixed> (bug #442245; low)
+	TODO: check 2.4 kernel
 CVE-2007-4848 (Microsoft Internet Explorer 4.0 through 7 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-4847 (Google Picasa allows remote attackers to read image files stored by ...)
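Review bot: The annotation added to the linux-2.6 line for CVE-2007-4849 is written as "(bug #442245; low)", while the php5, php4 and mediawiki lines changed in this same commit use "(low; bug #...)". Pick one order, for example "- linux-2.6 <unfixed> (low; bug #442245)", so the entries stay uniform for readers and for anything that greps the list. The added "TODO: check 2.4 kernel" is also not reflected in the log message, which only says the maintainers were informed; mention it there, or follow up with an explicit entry for the 2.4 kernel source package once it has been checked.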
@@ -20,8 +21,8 @@
 	TODO: check
 	NOTE: this vulnerability is unspecified
 CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to cause a ...)
-	- php5 <unfixed> (low)
-	- php4 <unfixed> (low)
+	- php5 <unfixed> (low; bug #442247)
+	- php4 <unfixed> (low; bug #442250)
 	NOTE: can be reproduced on etch, lenny and sid
 	NOTE: this might not be a vulnerability in most web server environments
 	NOTE: that support multiple threads, unless these issues can be demonstrated for
@@ -49,7 +50,7 @@
 CVE-2007-4829
 	RESERVED
 CVE-2007-4828 (Cross-site scripting (XSS) vulnerability in the API pretty-printing ...)
-	- mediawiki <unfixed> (low)
+	- mediawiki <unfixed> (low; bug #442255)
 	[etch] - mediawiki <not-affected> (Does not include the vulnerable code)
 CVE-2007-4827
 	RESERVED



