[Secure-testing-commits] r8329 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Fri Mar 14 13:01:07 UTC 2008
Author: nion
Date: 2008-03-14 13:01:06 +0000 (Fri, 14 Mar 2008)
New Revision: 8329
Modified:
data/CVE/list
Log:
NFUs
vdccm was removed
new imagemagick/graphicsmagick issues (CVE-2008-1096)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-14 12:21:55 UTC (rev 8328)
+++ data/CVE/list 2008-03-14 13:01:06 UTC (rev 8329)
@@ -309,39 +309,39 @@
CVE-2008-1138 (DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users ...)
NOT-FOR-US: DESlock+
CVE-2008-1137 (SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) ...)
- TODO: check
+ NOT-FOR-US: com_garyscookbook component for Mambo and Joomla!
CVE-2008-1136 (The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through ...)
- TODO: check
+ - vdccm <removed>
CVE-2008-1135 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates ...)
NOT-FOR-US: OMEGA
CVE-2008-1134 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports ...)
NOT-FOR-US: OMEGA
CVE-2008-1133 (The Drupal.checkPlain function in Drupal 6.0 only escapes the first ...)
- TODO: check
+ - drupal5 <not-affected> (Vulnerable code introduced in 6.x)
CVE-2007-6706 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...)
NOT-FOR-US: IBM Lotus Notes
CVE-2007-6705 (The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client ...)
NOT-FOR-US: WebSphere
CVE-2007-6704 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass ...)
- TODO: check
+ NOT-FOR-US: F5 FirePass
CVE-2007-6703 (Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) ...)
- TODO: check
+ - vdccm <removed>
CVE-2007-6702 (goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka ...)
- TODO: check
+ NOT-FOR-US: FS4104-AW firmware
CVE-2003-1552 (Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 ...)
- TODO: check
+ NOT-FOR-US: Uploader
CVE-2003-1551 (Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2003-1550 (XOOPS 2.0, and possibly earlier versions, allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2003-1549 (Cross-site scripting (XSS) vulnerability in header.php in ...)
- TODO: check
+ NOT-FOR-US: MyABraCaDaWeb
CVE-2003-1548 (MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: MyABraCaDaWeb
CVE-2003-1547 (Cross-site scripting (XSS) vulnerability in block-Forums.php in the ...)
- TODO: check
+ NOT-FOR-US: Splatt Forum module for PHP-Nuke
CVE-2003-1546 (Cross-site scripting (XSS) vulnerability in gbook.php in Filebased ...)
- TODO: check
+ NOT-FOR-US: Filebased guestbook
CVE-2008-1218 (Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and ...)
- dovecot 1:1.0.13-1
[etch] - dovecot <not-affected> (Vulnerable code not present)
@@ -437,7 +437,8 @@
- graphicsmagick 1.1.7-13
- imagemagick 7:6.2.4.5.dfsg1-1
CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ...)
- TODO: check
+ - imagemagick <unfixed> (medium; bug #414370)
+ - grapicsmagick <unfixed> (medium; bug #414370)
CVE-2008-1095 (Unspecified vulnerability in the Internet Protocol (IP) implementation ...)
NOT-FOR-US: Sun Solaris
CVE-2008-1094
More information about the Secure-testing-commits
mailing list