[Secure-testing-commits] r7968 - data/CVE

Sat Jan 19 11:46:00 UTC 2008

Author: thijs
Date: 2008-01-19 11:45:59 +0000 (Sat, 19 Jan 2008)
New Revision: 7968

Modified:
   data/CVE/list
Log:
Gallery CVEified, need to check with gallery(1)
2 NFU


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2008-01-19 11:24:52 UTC (rev 7967)
+++ data/CVE/list	2008-01-19 11:45:59 UTC (rev 7968)
@@ -104,38 +104,48 @@
 	RESERVED
 CVE-2008-0298 (KHTML WebKit as used in Apple Safari 2.x allows remote attackers to ...)
 	TODO: check
+	NOTE: khtml originates from konqueror. browser crashes are considered unimportant
 CVE-2008-0297 (PhotoKorn allows remote attackers to obtain database credentials via a ...)
-	TODO: check
+	NOT-FOR-US: PhotoKorn
 CVE-2008-0296 (Heap-based buffer overflow in the libaccess_realrtsp plugin in ...)
 	TODO: check
 CVE-2008-0295 (Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in ...)
 	TODO: check
 CVE-2008-0294 (Unspecified vulnerability in the seat-locking implementation in ...)
-	TODO: check
+	NOT-FOR-US: FreeSeat
 CVE-2008-0293 (Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when ...)
-	TODO: check
+	NOT-FOR-US: FreeSeat
 CVE-2008-0292 (Cross-site scripting (XSS) vulnerability in photo_album.pl in Dansie ...)
-	TODO: check
+	NOT-FOR-US: Dansie Photo Album
 CVE-2008-0291 (SQL injection vulnerability in showproduct.asp in RichStrong CMS ...)
-	TODO: check
+	NOT-FOR-US: RichStrong CMS
 CVE-2007-6693 (Unspecified vulnerability in the WebCam module in Menalto Gallery ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6692 (Open redirect vulnerability in Menalto Gallery before 2.2.4 allows ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6691 (Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6690 (The Gallery Remote module in Menalto Gallery before 2.2.4 does not ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6689 (Menalto Gallery before 2.2.4 does not properly check for malicious ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6688 (Unspecified vulnerability in the Installation application in Menalto ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6687 (Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6686 (The URL rewrite module in Menalto Gallery before 2.2.4 allows ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2007-6685 (Unspecified vulnerability in the Publish XP module Menalto Gallery ...)
-	TODO: check
+	- gallery2 2.2.4-1 (bug #457644)
+	TODO: check gallery
 CVE-2008-0161
 	RESERVED
 CVE-2008-0290 (Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and ...)
@@ -634,7 +644,7 @@
 CVE-2008-0082
 	RESERVED
 CVE-2008-0081 (Unspecified vulnerability in Microsoft Excel 2004 and earlier, and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2008-0080
 	RESERVED
 CVE-2008-0079
@@ -1096,10 +1106,6 @@
 	NOT-FOR-US: Appian Enterprise Business Process Management Suite
 CVE-2007-6508 (Directory traversal vulnerability in view.php in xeCMS 1.0 allows ...)
 	NOT-FOR-US: xeCMS
-CVE-2007-XXXX [multiple security issues in gallery2]
-	- gallery2 2.2.4-1 (bug #457644)
-	NOTE: http://gallery.menalto.com/gallery_2.2.4_released
-	NOTE: requested CVE id
 CVE-2007-6514 (Apache HTTP Server, when running on Linux with a document root on a ...)
 	- apache <unfixed> (low)
 	- apache2 <unfixed> (low)
@@ -1281,7 +1287,7 @@
 CVE-2008-0028
 	RESERVED
 CVE-2008-0027 (Heap-based buffer overflow in the Certificate Trust List (CTL) ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2008-0026
 	RESERVED
 CVE-2007-6436 (Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, ...)


