[Secure-testing-commits] r6613 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sat Sep 15 01:14:44 UTC 2007
Author: nion
Date: 2007-09-15 01:14:43 +0000 (Sat, 15 Sep 2007)
New Revision: 6613
Modified:
data/CVE/list
Log:
NFUs
CVE-2007-4889, CVE-2007-4887 php5 unfixed (unimportant)
CVE-2007-4883 mediawiki-extensions not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-15 00:07:37 UTC (rev 6612)
+++ data/CVE/list 2007-09-15 01:14:43 UTC (rev 6613)
@@ -1,25 +1,27 @@
CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in ...)
- TODO: check
+ NOT-FOR-US: PDWizard
CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX ...)
- TODO: check
+ NOT-FOR-US: Microsoft Visual Studio
CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote attackers ...)
- TODO: check
+ - php5 <unfixed> (unimportant)
+ NOTE: Only triggerable by malicious script
CVE-2007-4888 (The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows context-dependent ...)
- TODO: check
+ - php5 <unfixed> (unimportant)
+ NOTE: Only triggerable by malicious script
CVE-2007-4886 (Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and ...)
- TODO: check
+ NOT-FOR-US: Aura CMS
CVE-2007-4885 (Avnex AV MP3 Player allows user-assisted remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Avnex AV MP3 Player
CVE-2007-4884 (Media Player Classic (MPC) allows user-assisted remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-2007-4883 (Cross-site scripting (XSS) vulnerability in the BotQuery extension in ...)
- TODO: check
+ - mediawiki-extensions <not-affected> (We don't ship this extension)
CVE-2007-4882 (Multiple cross-site scripting (XSS) vulnerabilities in TechExcel ...)
- TODO: check
+ NOT-FOR-US: TechExcel CustomerWise
CVE-2007-4881 (SQL injection vulnerability in profile/myprofile.php in psi-labs.com ...)
- TODO: check
+ NOT-FOR-US: Psilabs
CVE-2007-4880
RESERVED
CVE-2007-4879 (Mozilla Firefox 2.0.x can automatically install TLS client ...)
@@ -81,9 +83,9 @@
CVE-2007-4851
RESERVED
CVE-2006-7223 (PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2005-4862 (The search functionality in XWiki 0.9.793 indexes cleartext user ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2007-4850
RESERVED
CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)
More information about the Secure-testing-commits
mailing list