Author: jmm-guest
Date: 2007-07-04 19:32:36 +0000 (Wed, 04 Jul 2007)
New Revision: 6095
Modified:
data/CVE/list
Log:
new kernel issue
glibc non-issue
two new vlc CVE IDs
iceape no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-04 09:14:09 UTC (rev 6094)
+++ data/CVE/list 2007-07-04 19:32:36 UTC (rev 6095)
@@ -1,7 +1,7 @@
CVE-2007-3514 (Cross-domain vulnerability in Apple Safari for Windows 3.0.2
allows ...)
TODO: check
CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the
Linux ...)
- TODO: check
+ - linux-2.6 <unfixed>
CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22
allows ...)
TODO: check
CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox
1.5.0.12 ...)
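Review bot: The new `- linux-2.6 <unfixed>` line under CVE-2007-3513 carries no urgency tag, bug number or NOTE, so the entry gives a reader nothing to follow for the fix. Other entries in this commit carry a reference such as `(bug #429726)`; consider citing a bug for the usblcd.c issue or adding a NOTE with the upstream status.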
@@ -10,8 +10,10 @@
RESERVED
CVE-2007-3509
RESERVED
-CVE-2007-3508
+CVE-2007-3508 [glibc hwcaps integer overflow]
RESERVED
+ - glibc <unfixed> (unimportant)
+ NOTE: Not security-relevant
CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value
function ...)
TODO: check
CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in
FreeType ...)
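Review bot: `NOTE: Not security-relevant` under CVE-2007-3508 states the conclusion without the reasoning, and the entry is still RESERVED, so there is no public description to check it against. A one-line reason in the NOTE, or a pointer to the discussion, would let someone re-evaluate the `(unimportant)` rating later.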
@@ -91,9 +93,9 @@
CVE-2007-3469 (Unspecified vulnerability in the TCP Loopback/Fusion
implementation in ...)
TODO: check
CVE-2007-3468 (input.c in VideoLAN VLC Media Player before 0.8.6c allows
remote ...)
- TODO: check
+ - vlc 0.8.6.c.debian-1 (bug #429726)
CVE-2007-3467 (Integer overflow in the __status_Update function in stats.c
VideoLAN ...)
- TODO: check
+ - vlc 0.8.6.c.debian-1 (bug #429726)
CVE-2007-3466
RESERVED
CVE-2007-3465 (Check Point SofaWare [EMAIL PROTECTED], with firmware before
Embedded NGX ...)
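Review bot: CVE-2007-3468 and CVE-2007-3467 both receive the identical line `- vlc 0.8.6.c.debian-1 (bug #429726)`, so one bug now tracks two distinct issues (input.c and the __status_Update integer overflow in stats.c). Worth confirming that the bug report names both CVE IDs, so the fixed version can be verified for each one separately.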
@@ -165,11 +167,11 @@
CVE-2007-3438 (Buffer overflow in the SIP header parsing module in the Nortel
PC ...)
NOT-FOR-US: Nortel PC Client SIP Soft Phone
CVE-2007-3437 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows
remote ...)
- TODO: check
+ NOT-FOR-US: AOL Instant Messenger
CVE-2007-3436 (Microsoft MSN Messenger 4.7 on Windows XP allows remote
attackers to ...)
NOT-FOR-US: Microsoft
CVE-2007-3435 (Stack-based buffer overflow in the BeginPrint method in a
certain ...)
- TODO: check
+ NOT-FOR-US: BarCodeAx.dll
CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote
attackers to ...)
NOT-FOR-US: Pharmacy System
CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2
and ...)
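Review bot: `NOT-FOR-US: BarCodeAx.dll` on CVE-2007-3435 identifies the item by a DLL file name, whereas the neighbouring NOT-FOR-US entries name a product or vendor (`Nortel PC Client SIP Soft Phone`, `Microsoft`, `Pharmacy System`). If the product that ships the DLL is known, use its name so the tag can be searched the same way as the others.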
@@ -5746,6 +5748,7 @@
- iceweasel <unfixed> (low)
[etch] - iceweasel <no-dsa> (Minor issue)
- iceape <unfixed> (low)
+ [etch] - iceape <no-dsa> (Minor issue)
NOTE: xulrunner by itself is not affeced, but other browsers based on
xulrunner may be affected
TODO: check epiphany, galeon and kazehakase
CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk)
ActiveX ...)
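Review bot: The NOTE directly below the added `[etch] - iceape <no-dsa> (Minor issue)` line still reads "affeced", and `TODO: check epiphany, galeon and kazehakase` remains open while iceape is being marked no-dsa. Since the entry is being touched, correct the spelling to "affected" and either resolve the TODO or record why those packages are still unchecked.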
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits