Author: nion Date: 2008-03-26 19:25:24 +0000 (Wed, 26 Mar 2008) New Revision: 8418 Modified: data/CVE/list Log: setting CVE-2008-1467 to unimportant as there is hardly any real life attack vector Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-03-26 19:07:23 UTC (rev 8417) +++ data/CVE/list 2008-03-26 19:25:24 UTC (rev 8418) @@ -44,10 +44,9 @@ CVE-2008-1468 (Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu ...) - namazu2 <unfixed> (low; bug #472644) CVE-2008-1467 (CenterIM 4.22.3 and earlier allows remote attackers to execute ...) - - centerim <unfixed> (low; bug #472649) + - centerim <unfixed> (unimportant; bug #472649) NOTE: the victim needs to list the URLs in the message with F2 and press enter on it - NOTE: the victim can see the complete URL including the commands however so the impact - NOTE: is really low, setting it to unimportant maybe? + NOTE: the victim can see the complete URL including the commands however so the impact is really low CVE-2008-1466 (Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 ...) NOT-FOR-US: W-Agora CVE-2008-1465 (SQL injection vulnerability in the Detodas Restaurante ...)