Author: nion Date: 2007-09-15 01:14:43 +0000 (Sat, 15 Sep 2007) New Revision: 6613 Modified: data/CVE/list Log: NFUs CVE-2007-4889, CVE-2007-4887 php5 unfixed (unimportant) CVE-2007-4883 mediawiki-extensions not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-15 00:07:37 UTC (rev 6612) +++ data/CVE/list 2007-09-15 01:14:43 UTC (rev 6613) @@ -1,25 +1,27 @@ CVE-2007-4891 (A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in ...) - TODO: check + NOT-FOR-US: PDWizard CVE-2007-4890 (Absolute directory traversal vulnerability in a certain ActiveX ...) - TODO: check + NOT-FOR-US: Microsoft Visual Studio CVE-2007-4889 (The MySQL extension in PHP 5.2.4 and earlier allows remote attackers ...) - TODO: check + - php5 <unfixed> (unimportant) + NOTE: Only triggerable by malicious script CVE-2007-4888 (The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 ...) - TODO: check + NOT-FOR-US: Xwiki CVE-2007-4887 (The dl function in PHP 5.2.4 and earlier allows context-dependent ...) - TODO: check + - php5 <unfixed> (unimportant) + NOTE: Only triggerable by malicious script CVE-2007-4886 (Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and ...) - TODO: check + NOT-FOR-US: Aura CMS CVE-2007-4885 (Avnex AV MP3 Player allows user-assisted remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Avnex AV MP3 Player CVE-2007-4884 (Media Player Classic (MPC) allows user-assisted remote attackers to ...) - TODO: check + NOT-FOR-US: Windows CVE-2007-4883 (Cross-site scripting (XSS) vulnerability in the BotQuery extension in ...) - TODO: check + - mediawiki-extensions <not-affected> (We don''t ship this extension) CVE-2007-4882 (Multiple cross-site scripting (XSS) vulnerabilities in TechExcel ...) - TODO: check + NOT-FOR-US: TechExcel CustomerWise CVE-2007-4881 (SQL injection vulnerability in profile/myprofile.php in psi-labs.com ...) - TODO: check + NOT-FOR-US: Psilabs CVE-2007-4880 RESERVED CVE-2007-4879 (Mozilla Firefox 2.0.x can automatically install TLS client ...) @@ -81,9 +83,9 @@ CVE-2007-4851 RESERVED CVE-2006-7223 (PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the ...) - TODO: check + NOT-FOR-US: Xwiki CVE-2005-4862 (The search functionality in XWiki 0.9.793 indexes cleartext user ...) - TODO: check + NOT-FOR-US: Xwiki CVE-2007-4850 RESERVED CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)