Author: stef-guest Date: 2007-02-11 19:53:29 +0100 (Sun, 11 Feb 2007) New Revision: 5436 Modified: data/CVE/list Log: - new ikiwiki issue fixed - CVE-2007-0770: new *magick issue fixed - CVE-2007-0669: new twiki issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-11 18:02:04 UTC (rev 5435) +++ data/CVE/list 2007-02-11 18:53:29 UTC (rev 5436) @@ -1,3 +1,5 @@ +CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki] + - ikiwiki 1.42 CVE-2007-0858 RESERVED CVE-2007-0857 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...) @@ -174,8 +176,10 @@ RESERVED CVE-2007-0771 RESERVED -CVE-2007-0770 +CVE-2007-0770 [graphicsmagick bogus second read in macro call] RESERVED + - graphicsmagick 1.1.7-12 + - imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435) CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic ...) NOT-FOR-US: 3proxy CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...) @@ -421,8 +425,9 @@ NOT-FOR-US: Microsoft Excel CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local ...) NOT-FOR-US: IBM AIX -CVE-2007-0669 +CVE-2007-0669 [TWiki CGI Session File Unspecified (local) Perl Code Execution] RESERVED + - twiki <unfixed> (bug #410256) CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in ...) NOT-FOR-US: Sun Solaris. CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and ...)