[Secure-testing-commits] r6724 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Sep 27 11:31:44 UTC 2007
Author: nion
Date: 2007-09-27 11:31:43 +0000 (Thu, 27 Sep 2007)
New Revision: 6724
Modified:
data/CVE/list
Log:
NFUs
CVE-2007-4497,CVE-2007-4496 vmware-package not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-27 11:25:24 UTC (rev 6723)
+++ data/CVE/list 2007-09-27 11:31:43 UTC (rev 6724)
@@ -77,7 +77,6 @@
NOTE: links to poppler since 0.8-4, thus marking as fixed
- libextractor 0.5.12-1
NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
- TODO: check
CVE-2007-5048 (Heap-based buffer overflow in Lhaplus before 1.55 allows remote ...)
NOT-FOR-US: lhaplus
CVE-2007-5047 (Norton Internet Security 2008 15.0.0.60 does not properly validate ...)
@@ -307,11 +306,11 @@
CVE-2007-4952 (SQL injection vulnerability in article.php in OmniStar Article Manager ...)
NOT-FOR-US: OmniStar Article Manager
CVE-2007-4951 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: YaPiG
CVE-2007-4950 (** DISPUTED ** PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: Phportal
CVE-2007-4949 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: phpreactor
CVE-2007-4948 (Multiple PHP remote file inclusion vulnerabilities in Webmedia ...)
NOT-FOR-US: Webmedia Explorer
CVE-2007-4947 (Multiple PHP remote file inclusion vulnerabilities in myphpPagetool ...)
@@ -585,7 +584,7 @@
- mediawiki 1.10.2-1 (low; bug #442255)
[etch] - mediawiki <not-affected> (Does not include the vulnerable code)
CVE-2007-4827 (Unspecified vulnerability in the Modbus/TCP Diagnostic function in ...)
- TODO: check
+ NOT-FOR-US: Modbus Slave ActiveX Control
CVE-2007-4826 (bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to ...)
- quagga 0.99.9-1 (low; bug #442133)
NOTE: Upstream says that this can only be exploited by configured peers.
@@ -744,9 +743,9 @@
CVE-2007-4753 (The Thomson ST 2030 SIP phone with software 1.52.1 allows remote ...)
NOT-FOR-US: Thomson ST 2030 SIP phone
CVE-2007-4751 (RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in ...)
- TODO: check
+ NOT-FOR-US: RemoteDocs R-Viewer
CVE-2007-4750 (Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 ...)
- TODO: check
+ NOT-FOR-US: RemoteDocs R-Viewer
CVE-2007-4749 (The cmdjob utility in Autodesk Backburner 3.0.2 allows remote ...)
NOT-FOR-US: Autodesk Backburner
CVE-2007-4752 (ssh in OpenSSH before 4.7 does not properly handle when an untrusted ...)
@@ -1334,9 +1333,9 @@
CVE-2007-4498 (The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader ...)
NOT-FOR-US: Grandstream SIP Phone
CVE-2007-4497 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
- TODO: check
+ - vmware-package <not-affected> (package just downloads vmware products but not including them)
CVE-2007-4496 (Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build ...)
- TODO: check
+ - vmware-package <not-affected> (package just downloads vmware products but not including them)
CVE-2007-4495 (Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on ...)
NOT-FOR-US: Solaris
CVE-2007-4494 (The tipafriend function in eZ publish before 3.8.9, and 3.9 before ...)
More information about the Secure-testing-commits
mailing list