Author: nion
Date: 2007-09-15 01:14:43 +0000 (Sat, 15 Sep 2007)
New Revision: 6613
Modified:
data/CVE/list
Log:
NFUs
CVE-2007-4889, CVE-2007-4887 php5 unfixed (unimportant)
CVE-2007-4883 mediawiki-extensions not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-15 00:07:37 UTC (rev 6612)
+++ data/CVE/list 2007-09-15 01:14:43 UTC (rev 6613)
@@ -1,25 +1,27 @@
CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and
earlier in ...)
- TODO: check
+ NOT-FOR-US: PDWizard
CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX
...)
- TODO: check
+ NOT-FOR-US: Microsoft Visual Studio
CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote
attackers ...)
- TODO: check
+ - php5 <unfixed> (unimportant)
+ NOTE: Only triggerable by malicious script
CVE-2007-4888 (The "You are not allowed..." error handler in XWiki
1.0 B1 and 1.0 B2 ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows
context-dependent ...)
- TODO: check
+ - php5 <unfixed> (unimportant)
+ NOTE: Only triggerable by malicious script
CVE-2007-4886 (Incomplete blacklist vulnerability in index.php in AuraCMS 1.x
and ...)
- TODO: check
+ NOT-FOR-US: Aura CMS
CVE-2007-4885 (Avnex AV MP3 Player allows user-assisted remote attackers to
cause a ...)
- TODO: check
+ NOT-FOR-US: Avnex AV MP3 Player
CVE-2007-4884 (Media Player Classic (MPC) allows user-assisted remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-2007-4883 (Cross-site scripting (XSS) vulnerability in the BotQuery
extension in ...)
- TODO: check
+ - mediawiki-extensions <not-affected> (We don't ship this extension)
CVE-2007-4882 (Multiple cross-site scripting (XSS) vulnerabilities in
TechExcel ...)
- TODO: check
+ NOT-FOR-US: TechExcel CustomerWise
CVE-2007-4881 (SQL injection vulnerability in profile/myprofile.php in
psi-labs.com ...)
- TODO: check
+ NOT-FOR-US: Psilabs
CVE-2007-4880
RESERVED
CVE-2007-4879 (Mozilla Firefox 2.0.x can automatically install TLS client ...)
@@ -81,9 +83,9 @@
CVE-2007-4851
RESERVED
CVE-2006-7223 (PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set
the ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2005-4862 (The search functionality in XWiki 0.9.793 indexes cleartext
user ...)
- TODO: check
+ NOT-FOR-US: Xwiki
CVE-2007-4850
RESERVED
CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and
possibly ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
