Author: joeyh
Date: 2007-08-01 21:14:07 +0000 (Wed, 01 Aug 2007)
New Revision: 6212
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-01 20:42:38 UTC (rev 6211)
+++ data/CVE/list 2007-08-01 21:14:07 UTC (rev 6212)
@@ -794,29 +794,29 @@
CVE-2007-3739
RESERVED
CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before
2.0.0.5 ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceape 1.1.3-1 (medium)
- xulrunner 1.8.1.5-1 (medium)
- iceweasel 2.0.0.5-1 (medium)
CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to
execute ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
- iceweasel 2.0.0.5-1 (high)
CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox
before ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine
in ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.5-1 (high)
- icedove <unfixed> (low)
NOTE: Affects only broken setups, enabling js in Icedove is strongly
not recommended
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.5-1 (high)
- icedove <unfixed> (high)
- iceape 1.1.3-1 (high)
@@ -984,7 +984,7 @@
CVE-2007-3657 (** DISPUTED ** ...)
TODO: check
CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does
not ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.5-1 (high)
- iceape 1.1.3-1 (high)
- xulrunner 1.8.1.5-1 (high)
@@ -2336,7 +2336,7 @@
- mozilla <removed> (medium)
- xulrunner <unfixed> (medium)
CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of
document.write ...)
- {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1}
+ {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.5-1 (low)
- iceape 1.1.3-1 (low)
- xulrunner 1.8.1.5-1 (low)
@@ -2809,7 +2809,7 @@
NOTE: Only triggerable by malicious script
NOTE: Fix from 5.2.3 was ineffective
CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1}
NOTE: MFSA2007-17
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
@@ -2817,7 +2817,7 @@
- mozilla <removed> (low)
- xulrunner 1.8.1.4-1 (low)
CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1}
NOTE: MFSA2007-16
- iceweasel 2.0.0.4-1 (medium)
- iceape 1.1.2-1 (medium)
@@ -2833,7 +2833,7 @@
- mozilla <removed> (unimportant)
- xulrunner 1.8.1.4-1 (unimportant)
CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla
Firefox ...)
- {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1
DTSA-47-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
- iceape 1.1.2-1 (high)
@@ -2844,7 +2844,7 @@
- xulrunner 1.8.1.4-1 (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla
Firefox ...)
- {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1
DTSA-47-1}
NOTE: MFSA2007-12
- iceweasel 2.0.0.4-1 (high)
- iceape 1.1.2-1 (high)
@@ -5876,7 +5876,7 @@
CVE-2007-1559 (Stack-based buffer overflow in SonicDVDDashVRNav.dll in Roxio
...)
NOT-FOR-US: Roxio
CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3
...)
- {DSA-1305-1 DSA-1300-1}
+ {DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1}
NOTE: Affects various clients, but no practical security implications
NOTE: MFSA2007-15
- icedove 2.0.0.4-1 (unimportant)
@@ -6378,7 +6378,7 @@
CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1
allow ...)
NOT-FOR-US: DropAFew
CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4,
and ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1}
NOTE: MFSA2007-14
- iceape 1.1.2-1 (low)
- iceweasel 2.0.0.4-1 (low)
@@ -7082,7 +7082,7 @@
CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office
2007 ...)
NOT-FOR-US: Microsoft Office
CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the
about: URI ...)
- {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1}
+ {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1}
- iceweasel 2.0.0.4-1 (low)
- iceape 1.1.2-1 (low)
- xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
