[Secure-testing-commits] r15688 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Sun Dec 12 22:40:24 UTC 2010
Author: gilbert-guest
Date: 2010-12-12 22:40:24 +0000 (Sun, 12 Dec 2010)
New Revision: 15688
Modified:
data/CVE/list
Log:
info on a couple old issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-12 21:57:35 UTC (rev 15687)
+++ data/CVE/list 2010-12-12 22:40:24 UTC (rev 15688)
@@ -53081,7 +53081,8 @@
CVE-2007-2715 (Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to ...)
NOT-FOR-US: Snaps! Gallery
CVE-2007-2714 (Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet ...)
- - wordpress <undetermined>
+ - wordpress 3.0.1-1
+ NOTE: 3.0.1 has akismet 2.3.0 and issue is claimed fixed in 2.0.2 but i couldn't find any info to check, so i'm assume notes are correct
CVE-2007-2713 (ifdate 2.x sends a redirect to the web browser but does not exit when ...)
NOT-FOR-US: iFdate
CVE-2007-2712 (Unspecified vulnerability in MH Software Connect Daily before 3.3.3 ...)
@@ -53923,7 +53924,9 @@
CVE-2007-2379 (The jQuery framework exchanges data using JavaScript Object Notation ...)
- jquery <undetermined> (low)
CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
- - gwt <undetermined> (low; bug #563542)
+ - gwt <unfixed> (unimportant; bug #563542)
+ NOTE: javascript security guidelines provided to developers to avoid these issues
+ NOTE: http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications
CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)
NOT-FOR-US: Getahead Direct Web Remoting
CVE-2007-2376 (The Dojo framework exchanges data using JavaScript Object Notation ...)
More information about the Secure-testing-commits
mailing list