Author: nion Date: 2007-11-15 12:53:50 +0000 (Thu, 15 Nov 2007) New Revision: 7304 Modified: data/CVE/list Log: NFUs new issue for bandersnatch(CVE-2007-5942) CVE-2007-5940 fixed in texlive-bin 2005.dfsg.2-1 and feynmf 1.08-1 CVE-2007-5937 fixed in texlive-bin 2007-13 CVE-2007-5936 fixed in texlive-bin 2007-13 CVE-2007-5935 fixed in 2007.dfsg.1-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-15 05:25:08 UTC (rev 7303) +++ data/CVE/list 2007-11-15 12:53:50 UTC (rev 7304) @@ -1,49 +1,51 @@ CVE-2007-5957 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2007-5956 (Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2007-5955 (Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET ...) - TODO: check + NOT-FOR-US: UPDIR.NET CVE-2007-5954 (Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo ...) - TODO: check + NOT-FOR-US: JLMForo System CVE-2007-5953 (Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before ...) - TODO: check + NOT-FOR-US: Really Simple CalDAV Store CVE-2007-5952 (Cross-site scripting (XSS) vulnerability in admin/index.php in Helios ...) - TODO: check + NOT-FOR-US: Helios Calendar CVE-2007-5951 (SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows ...) - TODO: check + NOT-FOR-US: E-Vendejo CVE-2007-5950 (Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, ...) - TODO: check + NOT-FOR-US: NetCommons CVE-2007-5949 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk ...) - TODO: check + NOT-FOR-US: IBM Tivoli Service Desk CVE-2007-5948 (Multiple cross-site scripting (XSS) vulnerabilities in main.php in ...) - TODO: check + NOT-FOR-US: SF-Shoutbox CVE-2007-5947 (The jar protocol handler in Mozilla Firefox retrieves the inner URL ...) TODO: check CVE-2007-5946 (Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX ...) - TODO: check + NOT-FOR-US: HP-UX CVE-2007-5945 (USVN before 0.6.5 allows remote attackers to obtain a list of ...) - TODO: check + NOT-FOR-US: usvn CVE-2007-5944 (Cross-site scripting (XSS) vulnerability in Servlet Engine / Web ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2007-5943 (Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a ...) - TODO: check + NOT-FOR-US: Simple Machines Forum CVE-2007-5942 (Bandersnatch 0.4 allows remote attackers to obtain sensitive ...) - TODO: check + - bandersnatch <unfixed> (low; bug #451365) + NOTE: bandersnatch is likely to be removed CVE-2007-5941 (Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in ...) - TODO: check + NOT-FOR-US: Adobe Shockwave CVE-2007-5940 (feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users ...) - TODO: check + - texlive-bin 2005.dfsg.2-1 + - feynmf 1.08-1 CVE-2007-5939 RESERVED CVE-2007-5938 RESERVED CVE-2007-5937 (Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive ...) - TODO: check + - texlive-bin 2007-13 CVE-2007-5936 (dvips in teTeX and TeXlive 2007 and earlier allows local users to ...) - TODO: check + - texlive-bin 2007-13 CVE-2007-5935 (Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive ...) - TODO: check + - texlive-bin 2007.dfsg.1-1 CVE-2007-5934 (The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request ...) TODO: check CVE-2007-5933 (Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to ...)