keescook-guest at alioth.debian.org
2007-May-18 18:43 UTC
[Secure-testing-commits] r5879 - data/CVE
Author: keescook-guest Date: 2007-05-18 18:43:16 +0000 (Fri, 18 May 2007) New Revision: 5879 Modified: data/CVE/list Log: NFUs: 3, unfixed: mutt wordpress, fixed: moin squirrelmail Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-18 16:16:41 UTC (rev 5878) +++ data/CVE/list 2007-05-18 18:43:16 UTC (rev 5879) @@ -71,7 +71,7 @@ CVE-2007-2684 RESERVED CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to execute ...) - TODO: check + - mutt <unfixed> (low) CVE-2007-2682 RESERVED CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...) @@ -79,7 +79,7 @@ CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...) NOT-FOR-US: Canon CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...) - TODO: check + NOT-FOR-US: Simple PHP Scripts CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in Netsprint ...) NOT-FOR-US: Netsprint CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess ...) @@ -163,7 +163,7 @@ CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass authentication and ...) NOT-FOR-US: eFileCabinet CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...) - TODO: check + - moin 1.5.7-2 (low) CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote ...) NOT-FOR-US: phpTodo CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows remote ...) @@ -183,7 +183,7 @@ CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...) NOT-FOR-US: PHPSecurityAdmin CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, ...) - TODO: check + - wordpress <unfixed> (low) CVE-2007-2626 (** DISPUTED ** ...) NOT-FOR-US: SchoolBoard CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...) @@ -203,7 +203,7 @@ CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows ...) NOT-FOR-US: Drake CMS CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core ...) - TODO: check + NOT-FOR-US: Sun Solaris CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE ...) NOT-FOR-US: Novell NetMail CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu ...) @@ -219,7 +219,7 @@ CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and ...) NOT-FOR-US: OpenLD CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 ...) - TODO: check + NOT-FOR-US: gnuedu CVE-2007-2608 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: Miplex2 CVE-2007-2607 (PHP remote file inclusion vulnerability in views/print/printbar.php in ...) @@ -259,7 +259,7 @@ CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, ...) NOT-FOR-US: Nokia CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...) - TODO: check + - squirrelmail 2:1.4.10a-1 (low) CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...) TODO: check CVE-2006-XXXX [PHP SOAP Extension HTTP Authentication Weak Nonce]