Author: keescook-guest
Date: 2007-02-15 02:51:05 +0100 (Thu, 15 Feb 2007)
New Revision: 5460
Modified:
data/CVE/list
Log:
NFUs, php5 & iceweasel open, ejabberd & firefox-sage fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-14 08:14:14 UTC (rev 5459)
+++ data/CVE/list 2007-02-15 01:51:05 UTC (rev 5460)
@@ -1,29 +1,29 @@
CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in
admin/admin.adm.php ...)
- TODO: check
+ NOT-FOR-US: JPortal
CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1
might allow ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0910 (Unspecified vulnerability PHP before 5.2.1 allows attackers to
...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1
might allow ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0908 (The wddx extension in PHP before 5.2.1 allows remote attackers
to ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause
a ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0906 (Multiple buffer overflows in PHP before 5.2.1 allow attackers
to cause ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and
open_basedir ...)
- TODO: check
+ - php5 <unfixed> (bug #410561; medium)
CVE-2007-0904 (SQL injection vulnerability in projects.php in LightRO CMS 1.0
allows ...)
- TODO: check
+ NOT-FOR-US: LightRO CMS
CVE-2007-0903 (Unspecified vulnerability in the mod_roster_odbc module in
ejabberd ...)
- TODO: check
+ - ejabberd 1.1.2-5
CVE-2007-0902 (Unspecified vulnerability in the "Show debugging
information" feature ...)
TODO: check
CVE-2007-0901 (Multiple cross-site scripting (XSS) vulnerabilities in Info
pages in ...)
TODO: check
CVE-2007-0900 (Multiple PHP remote file inclusion vulnerabilities in TagIt!
Tagboard ...)
- TODO: check
+ NOT-FOR-US: TagIt! Tagboard
CVE-2007-0899
RESERVED
CVE-2007-0898
@@ -31,7 +31,7 @@
CVE-2007-0897
RESERVED
CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before
...)
- TODO: check
+ - firefox-sage 1.3.10-1
CVE-2007-0451
RESERVED
- spamassassin 3.1.8 (bug #410843)
@@ -300,11 +300,11 @@
CVE-2007-0803 (Multiple buffer overflows in STLport before 5.0.3 allow remote
...)
- stlport5 <unfixed> (bug #410864; low)
CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the
Phishing ...)
- TODO: check
+ - iceweasel <unfixed> (low)
CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla
Firefox ...)
- TODO: check
+ - iceweasel <unfixed> (low)
CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers
blocked ...)
- TODO: check
+ - iceweasel <unfixed> (medium)
CVE-2007-0799 (SQL injection vulnerability in badword.asp in Ublog Reload
1.0.5 ...)
NOT-FOR-US: Ublog Reload
CVE-2007-0798 (Multiple cross-site scripting (XSS) vulnerabilities in Ublog
Reload ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
