jmm-guest at alioth.debian.org
2007-Jul-19 07:53 UTC
[Secure-testing-commits] r6152 - data/CVE
Author: jmm-guest Date: 2007-07-19 07:53:04 +0000 (Thu, 19 Jul 2007) New Revision: 6152 Modified: data/CVE/list Log: new mozilla issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-18 22:08:52 UTC (rev 6151) +++ data/CVE/list 2007-07-19 07:53:04 UTC (rev 6152) @@ -47,16 +47,23 @@ RESERVED CVE-2007-3739 RESERVED -CVE-2007-3738 +CVE-2007-3738 [Firefox XPCNativeWrapper code injection] RESERVED -CVE-2007-3737 + - iceweasel <unfixed> (medium) +CVE-2007-3737 [Firefox insecure event handler code injection] RESERVED -CVE-2007-3736 + - iceweasel <unfixed> +CVE-2007-3736 [Firefox addEventListener() and setTimeout () same-origin bypass] RESERVED -CVE-2007-3735 + - iceweasel <unfixed> (high) +CVE-2007-3735 [memory corruption in layout engine] RESERVED -CVE-2007-3734 + - iceweasel <unfixed> (high) + - icedove <unfixed> (high) +CVE-2007-3734 [memory corruption in js engine] RESERVED + - iceweasel <unfixed> (high) + - icedove <unfixed> (high) CVE-2007-3733 RESERVED CVE-2007-3732 @@ -186,7 +193,8 @@ CVE-2007-3671 (Unspecified vulnerability in the kernel in Microsoft Windows Vista has ...) TODO: check CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when ...) - TODO: check + - iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows) + - icedove <not-affected> (Only affects Firefox/Thunderbird on Windows) CVE-2007-3669 (Multiple unspecified vulnerabilities in the Innovasys DockStudioXP ...) TODO: check CVE-2007-3668 (Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia ...) @@ -214,7 +222,7 @@ CVE-2007-3657 (** DISPUTED ** ...) TODO: check CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...) - TODO: check + - iceweasel <unfixed> (medium) CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE ...) TODO: check CVE-2007-3654 @@ -1085,11 +1093,11 @@ CVE-2007-3286 RESERVED CVE-2007-3285 (Mozilla Firefox allows remote attackers to bypass file type checks via ...) - - iceweasel <unfixed> (medium) - - iceape <unfixed> (medium) - - firefox <removed> (medium) - - mozilla <removed> (medium) - - xulrunner <unfixed> (medium) + - iceweasel <unfixed> (low) + - iceape <unfixed> (low) + - firefox <removed> (low) + - mozilla <removed> (low) + - xulrunner <unfixed> (low) CVE-2007-3284 (corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows ...) NOT-FOR-US: Apple Safari CVE-2007-3283 (GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root ...)