jmm-guest at alioth.debian.org
2007-Jul-26 17:08 UTC
[Secure-testing-commits] r6177 - data/CVE
Author: jmm-guest Date: 2007-07-26 17:08:13 +0000 (Thu, 26 Jul 2007) New Revision: 6177 Modified: data/CVE/list Log: iceweasel status checks fck editor appears to be a non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-26 11:10:10 UTC (rev 6176) +++ data/CVE/list 2007-07-26 17:08:13 UTC (rev 6177) @@ -1607,9 +1607,14 @@ CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...) - - moin <unfixed> (bug #429205) - - knowledgeroot 0.9.8.2-2 (bug #429204) - - karrigell <unfixed> (bug #429207) + - moin <unfixed> (unimportant; bug #429205) + - knowledgeroot 0.9.8.2-2 (unimportant; bug #429204) + - karrigell <unfixed> (unimportant; bug #429207) + NOTE: This is only exploitable on NTFS filesystems + NOTE: Given the state of Linux'' NTFS support it seems highly unlikely + NOTE: and given the state of ext3/XFS highly stupid to run a Debian-based + NOTE: web server with NTFS + TODO: Check, whether NTFS on Linux is affected at all, I doubt so CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX ...) NOT-FOR-US: Internet Download Accelerator CVE-2007-3161 (Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote ...) @@ -6194,7 +6199,8 @@ CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...) NOT-FOR-US: Cisco CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...) - - iceweasel <unfixed> (medium) + - iceweasel <unfixed> (unimportant) + NOTE: Not exploitable CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...) NOT-FOR-US: Connectix Boards CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix ...) @@ -6579,6 +6585,7 @@ NOT-FOR-US: VirtueMart CVE-2007-1095 (Mozilla Firefox does not properly implement JavaScript onUnload ...) - iceweasel <unfixed> (low) + NOTE: Pending for upcoming security releases CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...) NOT-FOR-US: Microsoft IE CVE-2007-1093 (Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager ...)