[Secure-testing-commits] r8463 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Apr 1 09:14:11 UTC 2008


Author: joeyh
Date: 2008-04-01 09:14:10 +0000 (Tue, 01 Apr 2008)
New Revision: 8463

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-04-01 07:55:48 UTC (rev 8462)
+++ data/CVE/list	2008-04-01 09:14:10 UTC (rev 8463)
@@ -1,19 +1,163 @@
-CVE-2008-1570 [policyd-weight tempfile race]
+CVE-2008-1601 (Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and ...)
+	TODO: check
+CVE-2008-1600 (The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly ...)
+	TODO: check
+CVE-2008-1599 (The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly ...)
+	TODO: check
+CVE-2008-1598 (The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges ...)
+	TODO: check
+CVE-2008-1597 (The WPAR system call implementation in the kernel in IBM AIX 6.1 ...)
+	TODO: check
+CVE-2008-1596 (Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument ...)
+	TODO: check
+CVE-2008-1595 (The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not ...)
+	TODO: check
+CVE-2008-1594 (The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing ...)
+	TODO: check
+CVE-2008-1593 (The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, ...)
+	TODO: check
+CVE-2008-1592 (MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop ...)
+	TODO: check
+CVE-2008-1591 (The pnVarPrepForStore function in PostNuke 0.764 and earlier skips ...)
+	TODO: check
+CVE-2008-1590
+	RESERVED
+CVE-2008-1589
+	RESERVED
+CVE-2008-1588
+	RESERVED
+CVE-2008-1587
+	RESERVED
+CVE-2008-1586
+	RESERVED
+CVE-2008-1585
+	RESERVED
+CVE-2008-1584
+	RESERVED
+CVE-2008-1583
+	RESERVED
+CVE-2008-1582
+	RESERVED
+CVE-2008-1581
+	RESERVED
+CVE-2008-1580
+	RESERVED
+CVE-2008-1579
+	RESERVED
+CVE-2008-1578
+	RESERVED
+CVE-2008-1577
+	RESERVED
+CVE-2008-1576
+	RESERVED
+CVE-2008-1575
+	RESERVED
+CVE-2008-1574
+	RESERVED
+CVE-2008-1573
+	RESERVED
+CVE-2008-1572
+	RESERVED
+CVE-2008-1571
+	RESERVED
+CVE-2008-1566 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
+	TODO: check
+CVE-2008-1565 (Directory traversal vulnerability in forum/irc/irc.php in the PJIRC ...)
+	TODO: check
+CVE-2008-1564 (Directory traversal vulnerability in Dan Costin File Transfer before ...)
+	TODO: check
+CVE-2008-1563 (The "decode as" feature in packet-bssap.c in the SCCP dissector in ...)
+	TODO: check
+CVE-2008-1562 (The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through ...)
+	TODO: check
+CVE-2008-1561 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...)
+	TODO: check
+CVE-2008-1560 (Multiple cross-site scripting (XSS) vulnerabilities in Digiappz ...)
+	TODO: check
+CVE-2008-1559 (SQL injection vulnerability in the Bernard Gilly AlphaContent ...)
+	TODO: check
+CVE-2008-1558 (Uncontrolled array index in the sdpplin_parse function in ...)
+	TODO: check
+CVE-2008-1557 (BolinOS 4.6.1 allows remote attackers to obtain sensitive information ...)
+	TODO: check
+CVE-2008-1556 (Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 ...)
+	TODO: check
+CVE-2008-1555 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2008-1554 (SQL injection vulnerability in account/index.php in TopperMod 2.0, ...)
+	TODO: check
+CVE-2008-1553 (Directory traversal vulnerability in mod.php in TopperMod 1.0 allows ...)
+	TODO: check
+CVE-2008-1552 (The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) ...)
+	TODO: check
+CVE-2008-1551 (SQL injection vulnerability in viewcat.php in the Photo 3.02 module ...)
+	TODO: check
+CVE-2008-1550 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2008-1549 (Multiple SQL injection vulnerabilities in Aeries Browser Interface ...)
+	TODO: check
+CVE-2008-1548 (Multiple cross-site scripting (XSS) vulnerabilities in Aeries Browser ...)
+	TODO: check
+CVE-2008-1547
+	RESERVED
+CVE-2008-1546 (servlet/MIMEReceiveServlet in the web controller for Mitsubishi ...)
+	TODO: check
+CVE-2008-1545 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
+	TODO: check
+CVE-2008-1544 (The setRequestHeader method of the XMLHttpRequest object in Microsoft ...)
+	TODO: check
+CVE-2008-1543 (The Advanced User Interface Pages in the ProST Web Management ...)
+	TODO: check
+CVE-2008-1542 (Airspan Base Station Distribution Unit (BSDU) has "topsecret" as its ...)
+	TODO: check
+CVE-2008-1541 (Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS ...)
+	TODO: check
+CVE-2008-1540 (SQL injection vulnerability in the Datsogallery (com_datsogallery) ...)
+	TODO: check
+CVE-2008-1539 (SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke ...)
+	TODO: check
+CVE-2008-1538 (Cross-site scripting (XSS) vulnerability in searchAction.do in ...)
+	TODO: check
+CVE-2008-1537 (Directory traversal vulnerability in pb_inc/admincenter/index.php in ...)
+	TODO: check
+CVE-2008-1536 (Cross-site scripting (XSS) vulnerability in index.php in Pictures Pro ...)
+	TODO: check
+CVE-2008-1535 (SQL injection vulnerability in the Matti Kiviharju rekry (aka ...)
+	TODO: check
+CVE-2008-1534 (Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b ...)
+	TODO: check
+CVE-2008-1533 (Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! ...)
+	TODO: check
+CVE-2008-1532 (Perlbal before 1.70, when buffered upload is enabled, allows remote ...)
+	TODO: check
+CVE-2008-1531 (lighttpd 1.4.19 and earlier allows remote attackers to cause a denial ...)
+	TODO: check
+CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE ...)
+	TODO: check
+CVE-2003-1555 (ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2003-1554 (Cross-site scripting (XSS) vulnerability in scozbook/add.php in ...)
+	TODO: check
+CVE-2003-1553 (Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores ...)
+	TODO: check
+CVE-2008-1570 (Race condition in the create_lockpath function in policyd-weight ...)
+	{DSA-1531-2}
 	- policyd-weight 0.1.14.17-1 (low)
 	NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
-CVE-2008-1569 [policyd-weight tempfile race]
+CVE-2008-1569 (policyd-weight before 0.1.14 beta-16 allows local users to modify or ...)
+	{DSA-1531-2}
 	- policyd-weight 0.1.14.17-1 (low)
-CVE-2008-1568 [code execution via crafted file name in comix]
+CVE-2008-1568 (comix 3.6.4 allows attackers to execute arbitrary commands via a ...)
 	- comix <unfixed> (low; bug #462840)
 	NOTE: comix can't be used in a non-interactive setup thus the impact level
-CVE-2008-1567 [phpMyAdmin sensitive data in session PMASA-2008-2]
+CVE-2008-1567 (phpMyAdmin before 2.11.5.1 stores the (1) MySQL username, (2) ...)
 	- phpmyadmin 2.11.5.1 (unimportant)
 	NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2
 	NOTE: It is a workaround for the limited security that PHP has for
 	NOTE: session files on a shared host. This limitation is documented with
 	NOTE: PHP, warned against and not a specific vulnerability in phpMyAdmin.
 	NOTE: I hence consider it a security enhancement/feature, not a vulnerability.
-CVE-2008-1530 [gnupg key import memory corruption]
+CVE-2008-1530 (GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial ...)
 	- gnupg <not-affected> (Only 1.4.8 is affected)
 	TODO: Verify that the next maintainer upload uses 1.4.9 directly
 	[etch] - gnupg <not-affected> (Only 1.4.8 is affected)
@@ -56,7 +200,7 @@
 	NOTE: s390 specific issue, counterpart for x86 not reproducible with 2.6.24 here
 CVE-2008-1513 (SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and ...)
 	NOT-FOR-US: Danneo CMS
-CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in phpBB ...)
+CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in eXtreme ...)
 	NOT-FOR-US: XS module for phpBB
 CVE-2008-1511 (Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 ...)
 	NOT-FOR-US: ooComments
@@ -135,7 +279,7 @@
 	- roundup <unfixed> (low; bug #472643)
 CVE-2008-1473 (The Altiris Client Service (AClient.exe) in Symantec Altiris ...)
 	NOT-FOR-US: Symantec Altiris
-CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl.ocx ActiveX Control in CA ...)
+CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl ActiveX Control ...)
 	NOT-FOR-US: ARCserve Backup
 CVE-2008-1471 (The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ ...)
 	NOT-FOR-US: Panda Internet Security/Antivirus+ Firewall
@@ -145,7 +289,7 @@
 	NOT-FOR-US: Gallarific
 CVE-2008-1468 (Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu ...)
 	- namazu2 <unfixed> (low; bug #472644)
-CVE-2008-1467 (CenterIM 4.22.3 and earlier allows remote attackers to execute ...)
+CVE-2008-1467 (** DISPUTED ** ...)
 	- centerim 4.22.3-1 (unimportant; bug #472649)
 	NOTE: the victim needs to list the URLs in the message with F2 and press enter on it
 	NOTE: the victim can see the complete URL including the commands however so the impact is really low
@@ -313,8 +457,8 @@
 	[etch] - otrs <not-affected> (Vulnerable code not present)
 	[sarge] - otrs <not-affected> (Vulnerable code not present)
 	NOTE: http://packages.qa.debian.org/o/otrs2/news/20080320T211729Z.html
-CVE-2008-1391
-	RESERVED
+CVE-2008-1391 (Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, ...)
+	TODO: check
 CVE-2008-1390 (The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before ...)
 	- asterisk <unfixed> (low)
 	[etch] - asterisk <not-affected> (Only 1.4.x affected)
@@ -329,8 +473,7 @@
 	RESERVED
 CVE-2008-1385
 	RESERVED
-CVE-2008-1384
-	RESERVED
+CVE-2008-1384 (Integer overflow in PHP 5.2.5 and earlier allows context-dependent ...)
 	- php5 <unfixed> (unimportant)
 	NOTE: http://securityreason.com/achievement_securityalert/52
 	NOTE: Only exploitable through malicious script
@@ -545,7 +688,7 @@
 CVE-2008-1294 [setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children]
 	RESERVED
 	- linux-2.6 <unfixed> (bug #419706)
-CVE-2008-1318 (Unspecified vulnerability in MediaWiki 1.11 to 1.11.2 allows remote ...)
+CVE-2008-1318 (Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows ...)
 	- mediawiki 1:1.11.2-1 (low)
 CVE-2008-1288 (IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or ...)
 	NOT-FOR-US: IBM Rational ClearQuest
@@ -646,52 +789,44 @@
 	NOT-FOR-US: Linksys WRT300N router
 CVE-2008-1242 (The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 ...)
 	NOT-FOR-US: Belkin router
-CVE-2008-1241
-	RESERVED
+CVE-2008-1241 (GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1240
-	RESERVED
+CVE-2008-1240 (LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
 CVE-2008-1239
 	RESERVED
-CVE-2008-1238
-	RESERVED
+CVE-2008-1238 (Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1237
-	RESERVED
+CVE-2008-1237 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1236
-	RESERVED
+CVE-2008-1236 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1235
-	RESERVED
+CVE-2008-1235 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1234
-	RESERVED
+CVE-2008-1234 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
 	- iceape 1.1.9-1
-CVE-2008-1233
-	RESERVED
+CVE-2008-1233 (Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1
 	- xulrunner 1.8.1.13-1
@@ -869,20 +1004,20 @@
 	RESERVED
 CVE-2008-1157 (Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a ...)
 	NOT-FOR-US: Cisco IPM
-CVE-2008-1156
-	RESERVED
+CVE-2008-1156 (Unspecified vulnerability in the Multicast Virtual Private Network ...)
+	TODO: check
 CVE-2008-1155
 	RESERVED
 CVE-2008-1154
 	RESERVED
-CVE-2008-1153
-	RESERVED
-CVE-2008-1152
-	RESERVED
-CVE-2008-1151
-	RESERVED
-CVE-2008-1150
-	RESERVED
+CVE-2008-1153 (Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the ...)
+	TODO: check
+CVE-2008-1152 (The data-link switching (DLSw) component in Cisco IOS 12.0 through ...)
+	TODO: check
+CVE-2008-1151 (Memory leak in the virtual private dial-up network (VPDN) component in ...)
+	TODO: check
+CVE-2008-1150 (The virtual private dial-up network (VPDN) component in Cisco IOS ...)
+	TODO: check
 CVE-2008-1149 (phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters ...)
 	- phpmyadmin 4:2.11.5-1 (low)
 	[etch] - phpmyadmin <no-dsa> (Minor issue)
@@ -1291,7 +1426,7 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2008-0988 (Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2008-0987 (Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2 ...)
+CVE-2008-0987 (Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2008-0986 (Integer overflow in the BMP::readFromStream method in the libsgl.so ...)
 	NOT-FOR-US: Google Android
@@ -1423,12 +1558,12 @@
 	- kvm 63+dfsg-1 (bug #469666)
 CVE-2008-0927
 	RESERVED
-CVE-2008-0926
-	RESERVED
+CVE-2008-0926 (Unspecified vulnerability in the eMBox utility in Novell eDirectory ...)
+	TODO: check
 CVE-2008-0925
 	RESERVED
-CVE-2008-0924
-	RESERVED
+CVE-2008-0924 (Stack-based buffer overflow in the DoLBURPRequest function in libnldap ...)
+	TODO: check
 CVE-2008-0923 (Directory traversal vulnerability in the Shared Folders feature for ...)
 	- vmware-package <not-affected> (Only vulnerable on windows hosted systems)
 CVE-2008-0922 (SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke ...)
@@ -1896,12 +2031,12 @@
 	RESERVED
 CVE-2008-0707 (HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX ...)
 	NOT-FOR-US: HP-UX
-CVE-2008-0706
-	RESERVED
+CVE-2008-0706 (Unspecified vulnerability in the BIOS F.26 and earlier for the HP ...)
+	TODO: check
 CVE-2008-0705
 	RESERVED
-CVE-2008-0704
-	RESERVED
+CVE-2008-0704 (Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP ...)
+	TODO: check
 CVE-2008-0703 (Multiple directory traversal vulnerabilities in sflog! 0.96 allow ...)
 	NOT-FOR-US: sflog!
 CVE-2008-0702 (Multiple heap-based buffer overflows in Titan FTP Server 6.03 and ...)
@@ -2255,8 +2390,8 @@
 	NOT-FOR-US: F5 BIG-IP Application Security Manager
 CVE-2008-0538 (Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow ...)
 	NOT-FOR-US: phpIP Management
-CVE-2008-0537
-	RESERVED
+CVE-2008-0537 (Unspecified vulnerability in the Supervisor Engine 32 (Sup32), ...)
+	TODO: check
 CVE-2008-0536
 	RESERVED
 CVE-2008-0535
@@ -2572,7 +2707,7 @@
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
 	- xulrunner 1.8.1.12-1
-CVE-2008-0416 (Multiple unspecified vulnerabilities in Mozilla Firefox, as used in ...)
+CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
 	TODO: check xulrunner and iceape
@@ -3072,8 +3207,8 @@
 	NOT-FOR-US: HP Virtual Rooms
 CVE-2008-0212 (ovtopmd in HP OpenView Network Node Manager (OV NNM) ...)
 	NOT-FOR-US: HP OpenView Network Node Manager
-CVE-2008-0211
-	RESERVED
+CVE-2008-0211 (Unspecified vulnerability in the BIOS F.04 through F.11 for the HP ...)
+	TODO: check
 CVE-2008-0210 (Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication ...)
 	NOT-FOR-US: Uebimiau Webmail
 CVE-2008-0209 (Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 ...)
@@ -3434,8 +3569,8 @@
 	NOTE: SA29057
 CVE-2008-0071
 	RESERVED
-CVE-2008-0070
-	RESERVED
+CVE-2008-0070 (Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA ...)
+	TODO: check
 CVE-2008-0069
 	RESERVED
 CVE-2008-0068
@@ -4201,13 +4336,13 @@
 	NOTE: wrapper script as an example but the original script is installed
 	NOTE: under /usr/lib/cups/filters
 CVE-2007-6356 (exiftags before 1.01 allows attackers to cause a denial of service ...)
-	{DSA-1533-1}
+	{DSA-1533-2 DSA-1533-1}
 	- exiftags 1.01-0.1 (low; bug #457062)
 CVE-2007-6355 (Integer overflow in exiftags before 1.01 has unknown impact and attack ...)
-	{DSA-1533-1}
+	{DSA-1533-2 DSA-1533-1}
 	- exiftags 1.01-0.1 (bug #457062)
 CVE-2007-6354 (Unspecified vulnerability in exiftags before 1.01 has unknown impact ...)
-	{DSA-1533-1}
+	{DSA-1533-2 DSA-1533-1}
 	- exiftags 1.01-0.1 (bug #457062)
 CVE-2007-6352 (Integer overflow in libexif 0.6.16 and earlier allows ...)
 	{DSA-1487-1}
@@ -8823,7 +8958,7 @@
 	NOT-FOR-US: Psilabs
 CVE-2007-4880 (Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager (TSM)
-CVE-2007-4879 (Mozilla Firefox 2.0.x can automatically install TLS client ...)
+CVE-2007-4879 (Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, ...)
 	{DSA-1535-1 DSA-1534-1 DSA-1532-1}
 	- iceweasel 2.0.0.13-1 (low; bug #444803)
 	- iceape 1.1.9-1 (low; bug #444805)
@@ -9559,7 +9694,7 @@
 CVE-2007-4576
 	REJECTED
 	NOTE: duplicate of CVE-2007-4575, will be rejected
-CVE-2007-4575 (Unspecified vulnerability in HSQLDB before 1.8.0.9, as used in ...)
+CVE-2007-4575 (HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, ...)
 	{DSA-1419-1}
 	- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)
 	- hsqldb 1.8.0.9-1
@@ -17571,7 +17706,7 @@
 	NOT-FOR-US: ISS BlackICE
 CVE-2006-7128 (PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 ...)
 	NOT-FOR-US: JAF CMS
-CVE-2006-7127 (Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 ...)
+CVE-2006-7127 (Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and ...)
 	NOT-FOR-US: JAF CMS
 CVE-2006-7126 (SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 ...)
 	NOT-FOR-US: Joomla component BSQ Sitestats




More information about the Secure-testing-commits mailing list