Author: keescook-guest
Date: 2007-03-12 21:10:46 +0000 (Mon, 12 Mar 2007)
New Revision: 5540
Modified:
data/CVE/list
Log:
merge capi vuln into assigned CVE
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-03-10 21:14:12 UTC (rev 5539)
+++ data/CVE/list 2007-03-12 21:10:46 UTC (rev 5540)
@@ -199,8 +199,11 @@
CVE-2007-1219 (PHP remote file inclusion vulnerability in actions/del.php in
Admin ...)
NOT-FOR-US: Phorum
CVE-2007-1217 (Buffer overflow in the bufprint function in capiutil.c in
libcapi, as ...)
- - isdnutils <unfixed> (low)
- - linux-2.6 <unfixed> (low)
+ - isdnutils 1:3.9.20060704-3 (bug #408530; low)
+ [sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network)
+ - asterisk-chan-capi 0.7.1-1.1 (bug #411293)
+ - linux-2.6 <unfixed> (bug #411294; low)
+ NOTE: Not exploitable over ISDN network, only through a CAPI server
CVE-2007-1216
RESERVED
CVE-2007-1215
@@ -913,12 +916,6 @@
NOT-FOR-US: AT Contenator
CVE-2007-0982 (Cross-site scripting (XSS) vulnerability in error.php in
TaskFreak! ...)
NOT-FOR-US: TaskFreak!
-CVE-2007-XXXX [capi_{cmsg,message}2str not thread-safe; vulnerable to buffer
overflow]
- - isdnutils 1:3.9.20060704-3 (bug #408530)
- [sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network)
- - asterisk-chan-capi 0.7.1-1.1 (bug #411293)
- - linux-2.6 <unfixed> (bug #411294)
- NOTE: Not exploitable over ISDN network, only through a CAPI server
CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and
2.x ...)
NOTE: MFSA-2007-07
- iceweasel 2.0.0.1+dfsg-3 (bug #411192; high)