Author: djoume-guest Date: 2007-01-17 23:55:56 +0100 (Wed, 17 Jan 2007) New Revision: 5291 Modified: data/CVE/list Log: - 2 bogus CVE - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-17 20:58:39 UTC (rev 5290) +++ data/CVE/list 2007-01-17 22:55:56 UTC (rev 5291) @@ -73,7 +73,7 @@ CVE-2007-0261 (snews.php in sNews 1.5.30 and earlier does not properly exit when ...) NOT-FOR-US: sNews CVE-2007-0260 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Naig CVE-2007-0259 (Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to ...) NOT-FOR-US: Ezboxx Portal CVE-2007-0258 (Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo ...) @@ -87,11 +87,15 @@ CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of ...) - xine-ui <unfixed> (low) CVE-2007-0254 (Format string vulnerability in the errors_create_window function in ...) - TODO: check + - xine-ui <unfixed> + NOTE: My understanding is that this CVE is bogus. + NOTE: I failed to see where the format string vulnerability is, I have report + NOTE: a bug in case I have missed something. CVE-2007-0253 (Unspecified vulnerability in the grsecurity patch has unspecified ...) - TODO: check + - kernel-patch-grsecurity2 <unfixed> (unimportant; bug #407350) + NOTE: See CVE-2007-0257 CVE-2007-0252 (Unspecified vulnerability in easy-content filemanager allows remote ...) - TODO: check + NOT-FOR-US: easy-content CVE-2007-0251 (Integer underflow in the DecodeGRE function in src/decode.c in Snort ...) TODO: check CVE-2007-0250 (index.php in Nwom topsites 3.0 allows remote attackers to obtain ...)