Author: stef-guest
Date: 2007-05-17 10:32:14 +0000 (Thu, 17 May 2007)
New Revision: 5860
Modified:
data/CVE/list
Log:
CVE-2007-2645 new libexif issue
CVE-2007-269[1-3] new mysql issues
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-17 09:43:04 UTC (rev 5859)
+++ data/CVE/list 2007-05-17 10:32:14 UTC (rev 5860)
@@ -27,27 +27,33 @@
CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace
application ...)
TODO: check
CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7
and 8.1 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2700 (The WLST script generated by the configToScript command in BEA
...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2699 (The Administration Console in BEA WebLogic Express and WebLogic
Server ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2698 (The Administration Console in BEA WebLogic Server 9.0 may show
...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2697 (The embedded LDAP server in BEA WebLogic Express and WebLogic
Server ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2696 (The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0
through ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2695 (The HttpClusterServlet and HttpProxyServlet in BEA WebLogic
Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2694 (Multiple cross-site scripting (XSS) vulnerabilities in BEA
WebLogic ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2007-2693 (MySQL before 5.1.18 allows remote authenticated users without
SELECT ...)
- TODO: check
+ - mysql-dfsg-5.0 <unfixed> (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2692 (The mysql_change_db function in MySQL 5.0.x before 5.0.40 and
5.1.x ...)
- TODO: check
+ - mysql-dfsg-5.0 5.0.41-1 (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before
5.1.18 does ...)
- TODO: check
+ - mysql-dfsg-5.0 <unfixed> (bug #424778)
+ [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
+ [sarge] - mysql-dfsg <unfixed>
CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G,
and M ...)
TODO: check
CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain
...)
@@ -139,7 +145,7 @@
CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows
user-assisted ...)
TODO: check
CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in
...)
- TODO: check
+ - libexif <unfixed> (bug #424775)
CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX
Professional ...)
TODO: check
CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow
Designs ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits