[Secure-testing-commits] r19199 - data/CVE

[Henri Salo]

Author: fgeek-guest
Date: 2012-05-10 21:25:58 +0000 (Thu, 10 May 2012)
New Revision: 19199

Modified:
   data/CVE/list
Log:
Merged CVE-2007-1054 and CVE-2007-XXXX MediaWiki XSS based on Microsoft Internet Explorer\'s UTF-7 charset autodetection.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-10 21:14:38 UTC (rev 19198)
+++ data/CVE/list	2012-05-10 21:25:58 UTC (rev 19199)
@@ -79430,6 +79430,7 @@
 	- mediawiki 1.7.1-9 (bug #406238; medium)
 CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
 	- mediawiki 1.7.1-9 (bug #406238; medium)
+    NOTE: http://osvdb.org/show/osvdb/32078
 CVE-2007-1053 (** DISPUTED ** ...)
 	NOT-FOR-US: phpXmms
 CVE-2007-1052 (** DISPUTED ** ...)
@@ -79635,8 +79636,6 @@
 CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem]
 	- pure-ftpd 1.0.21-1 (low)
 	NOTE: oldstable is affected
-CVE-2007-XXXX [MediaWiki XSS based on Microsoft Internet Explorer's UTF-7 charset autodetection]
-	- mediawiki1.7 1.7.1-9 (low)
 CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce ...)
 	{DTSA-34-1}
 	- wordpress 2.1.1-1 (low)