Author: joeyh
Date: 2007-07-31 21:14:08 +0000 (Tue, 31 Jul 2007)
New Revision: 6202
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-31 20:38:30 UTC (rev 6201)
+++ data/CVE/list 2007-07-31 21:14:08 UTC (rev 6202)
@@ -778,29 +778,29 @@
CVE-2007-3739
RESERVED
CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before
2.0.0.5 ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceape 1.1.3-1 (medium)
- xulrunner 1.8.1.5-1 (medium)
- iceweasel 2.0.0.5-1 (medium)
CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to
execute ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
- iceweasel 2.0.0.5-1 (high)
CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox
before ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine
in ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceweasel 2.0.0.5-1 (high)
- icedove <unfixed> (low)
NOTE: Affects only broken setups, enabling js in Icedove is strongly
not recommended
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceweasel 2.0.0.5-1 (high)
- icedove <unfixed> (high)
- iceape 1.1.3-1 (high)
@@ -968,7 +968,7 @@
CVE-2007-3657 (** DISPUTED ** ...)
TODO: check
CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does
not ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
@@ -2307,7 +2307,7 @@
- mozilla <removed> (medium)
- xulrunner <unfixed> (medium)
CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of
document.write ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
- iceweasel 2.0.0.5-1 (low)
- iceape 1.1.3-1 (low)
- xulrunner 1.8.1.5-1 (low)
@@ -2780,7 +2780,7 @@
NOTE: Only triggerable by malicious script
NOTE: Fix from 5.2.3 was ineffective
CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
NOTE: MFSA2007-17
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
@@ -2788,7 +2788,7 @@
- mozilla <removed> (low)
- xulrunner 1.8.1.4-1 (low)
CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
NOTE: MFSA2007-16
- iceweasel 2.0.0.4-1 (medium)
- iceape 1.1.2-1 (medium)
@@ -2796,7 +2796,7 @@
- mozilla <removed> (medium)
- xulrunner 1.8.1.4-1 (medium)
CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before
...)
- {DSA-1308-1 DSA-1306-1}
+ {DSA-1308-1 DSA-1306-1 DTSA-45-1}
NOTE: MFSA2007-13
- iceweasel 2.0.0.4-1 (unimportant)
- iceape 1.1.2-1 (unimportant)
@@ -2804,7 +2804,7 @@
- mozilla <removed> (unimportant)
- xulrunner 1.8.1.4-1 (unimportant)
CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla
Firefox ...)
- {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
- iceape 1.1.2-1 (high)
@@ -2815,7 +2815,7 @@
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla
Firefox ...)
- {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
- iceape 1.1.2-1 (high)
@@ -5240,6 +5240,7 @@
CVE-2007-1805 (SQL injection vulnerability in genre.php in the debaser 0.92
and ...)
NOT-FOR-US: debaser module for Xoops
CVE-2007-1804 (PulseAudio 0.9.5 allows remote attackers to cause a denial of
service ...)
+ {DTSA-44-1}
- pulseaudio 0.9.6-1 (low)
CVE-2007-1803 (Unspecified vulnerability in MailDwarf 3.01 and earlier allows
remote ...)
NOT-FOR-US: MailDwarf
@@ -6338,7 +6339,7 @@
CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1
allow ...)
NOT-FOR-US: DropAFew
CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
NOTE: MFSA2007-14
- iceape 1.1.2-1 (low)
- iceweasel 2.0.0.4-1 (low)
@@ -7042,7 +7043,7 @@
CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office
2007 ...)
NOT-FOR-US: Microsoft Office
CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the
about: URI ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
- xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
