white at alioth.debian.org
2007-Nov-28 12:19 UTC
[Secure-testing-commits] r7425 - data/CVE
Author: white Date: 2007-11-28 12:19:50 +0000 (Wed, 28 Nov 2007) New Revision: 7425 Modified: data/CVE/list Log: NFUs; report all the php5 issues to the BTS Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-28 12:12:43 UTC (rev 7424) +++ data/CVE/list 2007-11-28 12:19:50 UTC (rev 7425) @@ -123,7 +123,7 @@ CVE-2007-6061 (Audacity 1.3.2 creates a temporary directory with a predictable name ...) - audacity <unfixed> (bug #453283) CVE-2007-6060 (AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a ...) - NOT-FOR-US: AhnLab Antivirus + NOT-FOR-US: AhnLab Antivirus 3 Internet Security 2008 Platinum CVE-2007-6059 (Javamail does not properly handle a series of invalid login attempts ...) NOT-FOR-US: Javamail CVE-2007-6058 (Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 ...) @@ -135,7 +135,7 @@ CVE-2007-6055 (Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay ...) NOT-FOR-US: Liferay Portal CVE-2007-6054 (Cross-site scripting (XSS) vulnerability in the login page in the ...) - TODO: check + NOT-FOR-US: Aruba 800 Mobility Controller CVE-2007-6053 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large ...) NOT-FOR-US: IBM DB2 CVE-2007-6052 (IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector ...) 
@@ -159,13 +159,13 @@ CVE-2007-6043 (The CryptGenRandom function in Microsoft Windows 2000 generates ...) NOT-FOR-US: Windows CVE-2007-6042 (PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft ...) - TODO: check + NOT-FOR-US: SWSoft Confixx Professional CVE-2007-6041 (Buffer overflow in the Sequencer::queueMessage function in ...) - TODO: check + NOT-FOR-US: Rigs of Rods (RoR) CVE-2007-6040 (The Belkin F5D7230-4 Wireless G Router allows remote attackers to ...) - TODO: check + NOT-FOR-US: Belkin F5D7230-4 Wireless G Router CVE-2007-6039 (PHP 5.2.5 and earlier allows context-dependent attackers to cause a ...) - TODO: check + - php5 <unfixed> (bug #453295) CVE-2007-6077 (The session fixation protection mechanism in cgi_process.rb in Rails ...) - rails <unfixed> (low; bug #452748) CVE-2007-6111 (Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) ...) @@ -549,11 +549,11 @@ CVE-2007-5901 RESERVED CVE-2007-5900 (PHP before 5.2.5 allows local users to bypass protection mechanisms ...) - TODO: check + - php5 <unfixed> (bug #453295) CVE-2007-5899 (The output_add_rewrite_var function in PHP before 5.2.5 rewrites local ...) - TODO: check + - php5 <unfixed> (bug #453295) CVE-2007-5898 (The (1) htmlentities and (2) htmlspecialchars functions in PHP before ...) - TODO: check + - php5 <unfixed> (bug #453295) CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...) NOT-FOR-US: Oracle CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...)
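Review bot: in the @@ -159,13 hunk, CVE-2007-6039 is attached to the same bug #453295 as CVE-2007-5900, CVE-2007-5899 and CVE-2007-5898, yet its description reads "PHP 5.2.5 and earlier" while the other three read "PHP before 5.2.5". An upload of 5.2.5 would resolve those three and leave CVE-2007-6039 open, which one shared bug cannot record. Suggest filing a separate report for CVE-2007-6039, or stating in #453295 that it must stay open after 5.2.5 until this one is fixed.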
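Review bot: the three php5 entries in the @@ -549,11 hunk are added as "- php5 <unfixed> (bug #453295)" with no urgency, whereas the rails entry elsewhere in this list is written "- rails <unfixed> (low; bug #452748)". The three descriptions cover different classes of issue (a local protection-mechanism bypass, output_add_rewrite_var rewriting, and htmlentities/htmlspecialchars handling), so one shared bug number gives no hint of their relative priority. If an assessment exists, record it per entry in the same "(urgency; bug #...)" form.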