Author: fgeek-guest
Date: 2012-05-10 21:25:58 +0000 (Thu, 10 May 2012)
New Revision: 19199
Modified:
data/CVE/list
Log:
Merged CVE-2007-1054 and CVE-2007-XXXX MediaWiki XSS based on Microsoft Internet
Explorer\''s UTF-7 charset autodetection.
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-05-10 21:14:38 UTC (rev 19198)
+++ data/CVE/list 2012-05-10 21:25:58 UTC (rev 19199)
@@ -79430,6 +79430,7 @@
- mediawiki 1.7.1-9 (bug #406238; medium)
CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in
...)
- mediawiki 1.7.1-9 (bug #406238; medium)
+ NOTE: http://osvdb.org/show/osvdb/32078
CVE-2007-1053 (** DISPUTED ** ...)
NOT-FOR-US: phpXmms
CVE-2007-1052 (** DISPUTED ** ...)
@@ -79635,8 +79636,6 @@
CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to
the entire filesystem]
- pure-ftpd 1.0.21-1 (low)
NOTE: oldstable is affected
-CVE-2007-XXXX [MediaWiki XSS based on Microsoft Internet Explorer''s
UTF-7 charset autodetection]
- - mediawiki1.7 1.7.1-9 (low)
CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce
...)
{DTSA-34-1}
- wordpress 2.1.1-1 (low)