Author: fw Date: 2007-06-02 07:41:09 +0000 (Sat, 02 Jun 2007) New Revision: 5964 Modified: data/CVE/list Log: CVE-2007-2865: phppgadmin CVE-2007-2844: php5 fixed CVE-2007-2829, CVE-2007-2830, CVE-2007-2831: madwifi-source CVE-2007-2821: wordpress fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-02 07:04:50 UTC (rev 5963) +++ data/CVE/list 2007-06-02 07:41:09 UTC (rev 5964) @@ -218,7 +218,7 @@ CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...) TODO: check CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...) - TODO: check + - phppgadmin <unfixed> (low; bug #427151) CVE-2007-2864 RESERVED CVE-2007-2863 @@ -260,9 +260,11 @@ CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...) TODO: check CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...) - TODO: check + - php5 5.2.2-1 (low) + - php4 <unfixed> (low) CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...) TODO: check + NOTE: Does not seem to work with Konqueror. CVE-2007-2842 RESERVED CVE-2007-2841 @@ -286,11 +288,11 @@ CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...) TODO: check CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...) - TODO: check + - madwifi-source <unfixed> (high) CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...) - TODO: check + - madwifi-source <unfixed> (medium) CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...) - TODO: check + - madwifi-source <unfixed> (medium) CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...) TODO: check CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...) 
@@ -306,7 +308,7 @@ CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...) TODO: check CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...) - TODO: check + - wordpress 2.2-1 (high) CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...) TODO: check CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ ...)
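Review bot: In the hunk at @@ -260,9 +260,11 @@, the CVE-2007-2844 entry records php5 as fixed in 5.2.2-1, while the description on the same entry says the issue affects PHP "before 5.2.1". If a 5.2.1-based upload was the first to carry the fix, that earlier version belongs here; otherwise a NOTE saying why 5.2.2-1 was chosen would make the entry verifiable. The new "- php4 <unfixed> (low)" line has no bug reference, unlike the phppgadmin entry in the first hunk (bug #427151). The NOTE added under CVE-2007-2843 is not mentioned in the commit log, does not say which Konqueror version was tested, and leaves "TODO: check" in place.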
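Review bot: The three madwifi-source entries for CVE-2007-2829, CVE-2007-2830 and CVE-2007-2831 in the hunk at @@ -286,11 +288,11 @@ are marked <unfixed> with no bug reference, so nothing ties them to a report the maintainer can act on. Suggest filing and recording a bug number in the same form as "- phppgadmin <unfixed> (low; bug #427151)". Since the CVE-2007-2830 description names "MadWifi before 0.9.3.1" as affected, a NOTE recording that upstream version would help whoever later marks these entries fixed.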