[Secure-testing-commits] r14887 - data/CVE
Nico Golde
nion at alioth.debian.org
Sun Jun 20 12:08:57 UTC 2010
Author: nion
Date: 2010-06-20 12:08:54 +0000 (Sun, 20 Jun 2010)
New Revision: 14887
Modified:
data/CVE/list
Log:
adjusting impact of CVE-2010-1648/CVE-2010-1647, we usually use low for web related issues with this kind of impact
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-19 22:40:58 UTC (rev 14886)
+++ data/CVE/list 2010-06-20 12:08:54 UTC (rev 14887)
@@ -1640,10 +1640,10 @@
CVE-2010-1649 (Multiple cross-site scripting (XSS) vulnerabilities in the back end in ...)
NOT-FOR-US: Joomla
CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login interface ...)
- - mediawiki <unfixed> (bug #585918; medium)
+ - mediawiki <unfixed> (bug #585918; low)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before ...)
- - mediawiki <unfixed> (bug #585918; medium)
+ - mediawiki <unfixed> (bug #585918; low)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and ...)
{DSA-2062-1}
More information about the Secure-testing-commits
mailing list