Author: nion Date: 2007-11-26 12:21:51 +0000 (Mon, 26 Nov 2007) New Revision: 7393 Modified: data/CVE/list Log: CVE-2007-5415 unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-26 11:17:28 UTC (rev 7392) +++ data/CVE/list 2007-11-26 12:21:51 UTC (rev 7393) @@ -2075,8 +2075,9 @@ NOTE: The underlying PHP issue has been fixed in DSA 1206. NOTE: Plus, register_globals is not supported in Debian CVE-2007-5415 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when ...) - TODO: check - NOTE: can not reproduce any of the PoC urls in unstable version, anyone knows more? + - iceweasel <unfixed> (unimportant) + NOTE: if you are on a site which allows UTF-7 sure you need to sanitize the + NOTE: equivalent strings in UTF-7 NOTE: referring to the mozilla security team this is a non-issue and a duplicate of NOTE: CVE-2007-5414, mailed mitre CVE-2007-5414 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)