thr3ads.net - Secure testing commits - [Secure-testing-commits] r5509

If this information is useful, please help other people find it:
Share via:

Micah Anderson

2007-Mar-04 21:48 UTC

[Secure-testing-commits] r5509 - data/CVE

Author: micah
Date: 2007-03-04 21:48:07 +0000 (Sun, 04 Mar 2007)
New Revision: 5509

Modified:
   data/CVE/list
Log:
mediawiki fix and NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-03-04 20:14:16 UTC (rev 5508)
+++ data/CVE/list	2007-03-04 21:48:07 UTC (rev 5509)
@@ -219,9 +219,9 @@
 CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user
...)
 	NOT-FOR-US: VMware
 CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in
...)
-	TODO: check
+	- mediawiki 1.7.1-9 (bug #406238; medium)
 CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in
...)
-	TODO: check
+	- mediawiki 1.7.1-9 (bug #406238; medium)
 CVE-2007-1053 (** DISPUTED ** ...)
 	NOT-FOR-US: phpXmms
 CVE-2007-1052 (** DISPUTED ** ...)
@@ -295,7 +295,7 @@
 CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass
...)
 	NOT-FOR-US: SmartSiteCMS
 CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment
Mod ...)
-	TODO: check
+	NOT-FOR-US: Opentools Attachment Mod
 CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds
Enterprise ...)
 	NOT-FOR-US: GeoClassifieds Enterprise
 CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in
Invision ...)
@@ -399,7 +399,7 @@
 CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and
...)
 	NOT-FOR-US: HP Tru64 UNIX
 CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP
...)
-	TODO: check
+	NOT-FOR-US: QwikMail SMTP
 CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to
cause a ...)
 	NOT-FOR-US: SonicWALL
 CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of
...)
@@ -4075,7 +4075,7 @@
 CVE-2006-6491
 	REJECTED
 CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue ...)
-	TODO: check
+	NOT-FOR-US: SupportSoft ActiveX
 CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for
...)
 	NOT-FOR-US: SISCO OSI stack
 CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the
Dialog Wrapper ...)

Secure testing commits - Mar 2007 - r5509 - data/CVE

[Secure-testing-commits] r5509 - data/CVE