Author: fw Date: 2007-04-21 08:49:32 +0000 (Sat, 21 Apr 2007) New Revision: 5694 Modified: data/CVE/list Log: CVE-2007-1869, CVE-2007-1870: lighttpd fixed NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-04-21 08:41:10 UTC (rev 5693) +++ data/CVE/list 2007-04-21 08:49:32 UTC (rev 5694) @@ -280,7 +280,7 @@ CVE-2007-1974 (SQL injection vulnerability in the getArticle function in ...) NOT-FOR-US: Xoops modules CVE-2007-1973 (Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2007-1972 RESERVED CVE-2006-7194 (PHP remote file inclusion vulnerability in ...) @@ -288,7 +288,7 @@ CVE-2006-7193 (** DISPUTED ** ...) NOT-FOR-US: disputed (SMARTY_DIR is a constant) CVE-2003-1325 (The SV_CheckForDuplicateNames function in Valve Software Half-Life ...) - TODO: check + NOT-FOR-US: Half-Life CVE-2007-XXXX [mydms SQL injection] - mydms 1.4.4+1-5 CVE-2007-1971 (SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi ...) @@ -450,9 +450,9 @@ CVE-2007-1893 (xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows ...) - wordpress 2.1.3-1 (medium) CVE-2007-1892 (Stack-based buffer overflow in Akamai Technologies Download Manager ...) - TODO: check + NOT-FOR-US: Akamai CVE-2007-1891 (Stack-based buffer overflow in the GetPrivateProfileSectionW function ...) - TODO: check + NOT-FOR-US: Akamai CVE-2007-1890 (Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...) - php4 <unfixed> (unimportant) - php5 <unfixed> (unimportant) @@ -506,9 +506,9 @@ CVE-2007-1871 (Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows ...) NOT-FOR-US: chcounter CVE-2007-1870 (lighttpd before 1.4.14 allows attackers to cause a denial of service ...) - TODO: check + - lighttpd 1.4.15-1 (low) CVE-2007-1869 (lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial ...) - TODO: check + - lighttpd 1.4.15-1 (medium) CVE-2007-1868 (The management service in IBM Tivoli Provisioning Manager for OS ...) NOT-FOR-US: IBM Tivoli Provisioning Manager CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute ...)