[Secure-testing-commits] r7776 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Tue Jan 1 11:11:34 UTC 2008
Author: stef-guest
Date: 2008-01-01 11:11:33 +0000 (Tue, 01 Jan 2008)
New Revision: 7776
Modified:
data/CVE/list
Log:
new mozilla/konqueror issues
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-31 21:14:29 UTC (rev 7775)
+++ data/CVE/list 2008-01-01 11:11:33 UTC (rev 7776)
@@ -1,63 +1,68 @@
CVE-2007-6594 (IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak ...)
- TODO: check
+ NOT-FOR-US: Lotus Notes
CVE-2007-6593 (Multiple stack-based buffer overflows in l123sr.dll in Autonomy ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2007-6592 (Apple Safari 2, when a user accepts an SSL server certificate on the ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2007-6591 (KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server ...)
- TODO: check
+ - konqueror <unfixed> (medium)
+ NOTE: filed http://bugs.kde.org/show_bug.cgi?id=154921
CVE-2007-6590 (Mozilla 1.9 M8 and earlier, Mozilla Firefox 2, SeaMonkey 1.1.5, ...)
- TODO: check
+ - iceape <unfixed> (medium)
+ - iceweasel <unfixed> (medium)
+ TODO: check mozilla derivatives/xulrunner
CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...)
- TODO: check
+ - iceape 1.1.7-1 (medium)
+ - iceweasel 2.0.0.10-1 (medium)
+ TODO: check mozilla derivatives/xulrunner
CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows ...)
- TODO: check
+ NOT-FOR-US: PHCDownload
CVE-2007-6587 (SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 ...)
- TODO: check
+ NOT-FOR-US: Plogger
CVE-2007-6586 (SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows ...)
- TODO: check
+ NOT-FOR-US: nicLOR-CMS
CVE-2007-6585 (PHP remote file inclusion vulnerability in confirmUnsubscription.php ...)
- TODO: check
+ NOT-FOR-US: NmnNewsletter
CVE-2007-6584 (Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow ...)
- TODO: check
+ NOT-FOR-US: 1024 CMS
CVE-2007-6583 (SQL injection vulnerability in admin/ops/findip/ajax/search.php in ...)
- TODO: check
+ NOT-FOR-US: 1024 CMS
CVE-2007-6582 (Directory traversal vulnerability in index.php in mBlog 1.2 allows ...)
- TODO: check
+ NOT-FOR-US: mBlog
CVE-2007-6581 (Multiple directory traversal vulnerabilities in Social Engine 2.0 ...)
- TODO: check
+ NOT-FOR-US: Social Engine
CVE-2007-6580 (Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow ...)
- TODO: check
+ NOT-FOR-US: Wallpaper Site
CVE-2007-6579 (Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote ...)
- TODO: check
+ NOT-FOR-US: Ip Reg
CVE-2007-6578 (SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: PHP ZLink
CVE-2007-6577 (Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow ...)
- TODO: check
+ NOT-FOR-US: zBlog
CVE-2007-6576 (Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and ...)
- TODO: check
+ NOT-FOR-US: Adult Script
CVE-2007-6575 (SQL injection vulnerability in default.php in MMSLamp allows remote ...)
- TODO: check
+ NOT-FOR-US: MMSLamp
CVE-2007-6574 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 ...)
- TODO: check
+ NOT-FOR-US: Dokeos
CVE-2007-6573 (QK SMTP Server 3 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: QK SMTP
CVE-2007-6572 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Server ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Web Server
CVE-2007-6571 (Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Web Proxy
CVE-2007-6570 (Cross-site scripting (XSS) vulnerability in the View URL Database ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Web Proxy Server
CVE-2007-6569 (Cross-site scripting (XSS) vulnerability in the View Error Log ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Web Proxy Server
CVE-2007-6568 (PHP remote file inclusion vulnerability in config.inc.php in XZero ...)
- TODO: check
+ NOT-FOR-US: XZero Community Classifieds
CVE-2007-6567 (Directory traversal vulnerability in index.php in XZero Community ...)
- TODO: check
+ NOT-FOR-US: XZero Community Classifieds
CVE-2007-6566 (SQL injection vulnerability in post.php in XZero Community Classifieds ...)
- TODO: check
+ NOT-FOR-US: XZero Community Classifieds
CVE-2007-6565 (Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta ...)
- TODO: check
+ NOT-FOR-US: Blakord Portal
CVE-2007-XXXX [XSS via file upload in mantis]
- mantis 1.0.8-4 (low; bug #458377)
CVE-2007-XXXX [vlc mozilla plugin arbitrary file overwrite vulnerability]
More information about the Secure-testing-commits
mailing list