[Secure-testing-commits] r6628 - data/CVE

Mon Sep 17 22:08:29 UTC 2007

Author: nion
Date: 2007-09-17 22:08:29 +0000 (Mon, 17 Sep 2007)
New Revision: 6628

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-4897 ekiga fixed in 2.0.9-1 (low)
CVE-2007-4894, CVE-2007-4893 fixed in wordpress 2.2.3 (medium,low)


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2007-09-17 21:14:07 UTC (rev 6627)
+++ data/CVE/list	2007-09-17 22:08:29 UTC (rev 6628)
@@ -1,23 +1,23 @@
 CVE-2007-4901 (Unspecified vulnerability in AOL Instant Messenger (AIM) 6.1.41.2 ...)
-	TODO: check
+	NOT-FOR-US: AOL Instant Messenger
 CVE-2007-4900 (Cross-site scripting (XSS) vulnerability in the logon page in RSA ...)
-	TODO: check
+	NOT-FOR-US: RSA EnVision
 CVE-2007-4899 (Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum ...)
-	TODO: check
+	NOT-FOR-US: Boinc Forum
 CVE-2007-4898 (Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 ...)
-	TODO: check
+	NOT-FOR-US: Xwiki
 CVE-2007-4897 (The SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting) ...)
-	TODO: check
+	- ekiga 2.0.9-1 (low)
 CVE-2007-4896 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Toms Gaestebuch
 CVE-2007-4895 (Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 ...)
-	TODO: check
+	NOT-FOR-US: Sisfo Kampus
 CVE-2007-4894 (Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and ...)
-	TODO: check
+	- wordpress 2.2.3-1 (medium)
 CVE-2007-4893 (wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress ...)
-	TODO: check
+	- wordpress 2.2.3-1 (low)
 CVE-2007-4892 (Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, ...)
-	TODO: check
+	NOT-FOR-US: Plesk (Windows)
 CVE-2007-XXXX [duplicity exposes FTP password in command line args]
 	- duplicity <unfixed> (bug #442840)
 CVE-2007-XXXX [libgd2: gdImageColorTransparent can write outside buffer]


