[Secure-testing-commits] r6730 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Sep 27 22:55:24 UTC 2007
Author: nion
Date: 2007-09-27 22:55:24 +0000 (Thu, 27 Sep 2007)
New Revision: 6730
Modified:
data/CVE/list
Log:
CVE-2007-5105 fixed in wordpress 2.0.4-1
NFUs
new issue: egroupware (CVE-2007-5091)
CVE-2007-5087 kernel-image-2.4 was removed
CVE-2002-2227 fixed in ssldump 0.9b3-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-27 22:28:12 UTC (rev 6729)
+++ data/CVE/list 2007-09-27 22:55:24 UTC (rev 6730)
@@ -19,47 +19,47 @@
CVE-2007-5106 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...)
- wordpress 2.0.2-1 (low)
CVE-2007-5105 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...)
- TODO: check
+ - wordpress 2.0.4-1 (low)
CVE-2007-5104 (SQL injection vulnerability in index.php in the Arcade module in bcoos ...)
- TODO: check
+ NOT-FOR-US: bcoos
CVE-2007-5103 (Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 ...)
- TODO: check
+ NOT-FOR-US: Wordsmith
CVE-2007-5102 (PHP remote file inclusion vulnerability in config.inc.php in Wordsmith ...)
- TODO: check
+ NOT-FOR-US: Wordsmith
CVE-2007-5101 (ChironFS before 1.0 RC7 sets user/group ownership to the mounter ...)
- TODO: check
+ NOT-FOR-US: ChironFS
CVE-2007-5100 (Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, ...)
- TODO: check
+ NOT-FOR-US: phpBB plus (phpbb2 does not include this module)
CVE-2007-5099 (PHP remote file inclusion vulnerability in show.php in David Watters ...)
- TODO: check
+ NOT-FOR-US: helplink
CVE-2007-5098 (Multiple PHP remote file inclusion vulnerabilities in DFD Cart 1.1.4 ...)
- TODO: check
+ NOT-FOR-US: DFD Cart
CVE-2007-5097 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Online Fantasy Football League
CVE-2007-5096 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: guanxiCRM Business Solution
CVE-2007-5095 (Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes ...)
- TODO: check
+ NOT-FOR-US: Windows Media Player
CVE-2007-5094 (Heap-based buffer overflow in iaspam.dll in the SMTP Server in ...)
- TODO: check
+ NOT-FOR-US: Ipswitch IMail Server
CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux ...)
- TODO: check
+ NOT-FOR-US: Philips firmware
CVE-2007-5092 (Directory traversal vulnerability in index.php in the Dance Music ...)
- TODO: check
+ NOT-FOR-US: phpNuke module
CVE-2007-5091 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare ...)
- TODO: check
+ - egroupware <unfixed> (low; bug #444351)
CVE-2007-5090 (Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a ...)
- TODO: check
+ NOT-FOR-US: IBM Rational ClearQuest
CVE-2007-5089 (PHP remote file inclusion vulnerability in php-inc/log.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Sklog
CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...)
- TODO: check
+ NOT-FOR-US: freeside
CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...)
- TODO: check
+ - kernel-image-2.4 <removed>
CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...)
- TODO: check
+ NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0
CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache ...)
- TODO: check
+ NOT-FOR-US: Geronimo Apache
CVE-2007-5084
RESERVED
CVE-2007-5083
@@ -67,7 +67,7 @@
CVE-2007-5082
RESERVED
CVE-2002-2227 (Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers ...)
- TODO: check
+ - ssldump 0.9b3-1 (low)
CVE-2007-5081
RESERVED
CVE-2007-5080
More information about the Secure-testing-commits
mailing list