Author: fgeek-guest
Date: 2012-05-10 21:25:58 +0000 (Thu, 10 May 2012)
New Revision: 19199
Modified:
data/CVE/list
Log:
Merged CVE-2007-1054 and CVE-2007-XXXX MediaWiki XSS based on Microsoft
Internet Explorer\'s UTF-7 charset autodetection.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-05-10 21:14:38 UTC (rev 19198)
+++ data/CVE/list 2012-05-10 21:25:58 UTC (rev 19199)
@@ -79430,6 +79430,7 @@
- mediawiki 1.7.1-9 (bug #406238; medium)
CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features
in ...)
- mediawiki 1.7.1-9 (bug #406238; medium)
+ NOTE: http://osvdb.org/show/osvdb/32078
CVE-2007-1053 (** DISPUTED ** ...)
NOT-FOR-US: phpXmms
CVE-2007-1052 (** DISPUTED ** ...)
@@ -79635,8 +79636,6 @@
CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to
the entire filesystem]
- pure-ftpd 1.0.21-1 (low)
NOTE: oldstable is affected
-CVE-2007-XXXX [MediaWiki XSS based on Microsoft Internet Explorer's UTF-7
charset autodetection]
- - mediawiki1.7 1.7.1-9 (low)
CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the
wp_explain_nonce ...)
{DTSA-34-1}
- wordpress 2.1.1-1 (low)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
