Author: keescook-guest Date: 2007-02-13 22:56:33 +0100 (Tue, 13 Feb 2007) New Revision: 5453 Modified: data/CVE/list Log: kolabd & iceweasel not-affected, amarok medium Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-13 20:14:09 UTC (rev 5452) +++ data/CVE/list 2007-02-13 21:56:33 UTC (rev 5453) @@ -89,7 +89,7 @@ CVE-2006-6993 (Multiple SQL injection vulnerabilities in pages/addcomment2.php in ...) TODO: check CVE-2005-4828 (Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large ...) - TODO: check + - kolabd <not-affected> (Only vulnerable in 2.0-2.1; not packaged Debian) CVE-2007-XXXX [dokuwiki conf directory accessible by web users] - dokuwiki 0.0.20061106-3 (bug #410557) CVE-2007-0870 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...) @@ -340,7 +340,7 @@ CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...) TODO: check CVE-2006-6979 (The ruby handlers in Amarok do not properly quote text in certain ...) - TODO: check + - amarok <unfixed> (bug #410850; medium) CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar ...) NOT-FOR-US: FCKEditor CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar ...) @@ -356,7 +356,7 @@ CVE-2006-6972 (SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows ...) NOT-FOR-US: BtitTracker CVE-2006-6971 (Mozilla Firefox 2.0, possibly only when running on Windows, allows ...) - TODO: check + - iceweasel <not-affected> (Windows only) CVE-2006-6970 (Opera 9.10 Final allows remote attackers to bypass the Fraud ...) TODO: check CVE-2006-6969 (Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 ...)