[Secure-testing-commits] r8418 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Mar 26 19:25:25 UTC 2008
Author: nion
Date: 2008-03-26 19:25:24 +0000 (Wed, 26 Mar 2008)
New Revision: 8418
Modified:
data/CVE/list
Log:
setting CVE-2008-1467 to unimportant as there is hardly any real life attack vector
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-26 19:07:23 UTC (rev 8417)
+++ data/CVE/list 2008-03-26 19:25:24 UTC (rev 8418)
@@ -44,10 +44,9 @@
CVE-2008-1468 (Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu ...)
- namazu2 <unfixed> (low; bug #472644)
CVE-2008-1467 (CenterIM 4.22.3 and earlier allows remote attackers to execute ...)
- - centerim <unfixed> (low; bug #472649)
+ - centerim <unfixed> (unimportant; bug #472649)
NOTE: the victim needs to list the URLs in the message with F2 and press enter on it
- NOTE: the victim can see the complete URL including the commands however so the impact
- NOTE: is really low, setting it to unimportant maybe?
+ NOTE: the victim can see the complete URL including the commands however so the impact is really low
CVE-2008-1466 (Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 ...)
NOT-FOR-US: W-Agora
CVE-2008-1465 (SQL injection vulnerability in the Detodas Restaurante ...)
More information about the Secure-testing-commits
mailing list