Author: fw Date: 2007-04-21 09:16:51 +0000 (Sat, 21 Apr 2007) New Revision: 5697 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-04-21 09:14:15 UTC (rev 5696) +++ data/CVE/list 2007-04-21 09:16:51 UTC (rev 5697) @@ -84,7 +84,7 @@ CVE-2007-2069 (Directory traversal vulnerability in scr/soustab.php in openMairie ...) NOT-FOR-US: openMairie CVE-2007-2068 (Multiple PHP remote file inclusion vulnerabilities in the StoreFront ...) - TODO: check + NOT-FOR-US: StoreFront extension for Gallery CVE-2007-2067 (Multiple PHP remote file inclusion vulnerabilities in Marco Antonio ...) NOT-FOR-US: WebSlider CVE-2007-2066 (UseBB before 1.0.6 allows remote attackers to obtain sensitive ...) @@ -1227,7 +1227,7 @@ - squid 2.6.5-6 (low) [sarge] - squid <not-affected> (Vulnerable code not present) CVE-2007-1559 (Stack-based buffer overflow in SonicDVDDashVRNav.dll in Roxio ...) - TODO: check + NOT-FOR-US: Roxio CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 ...) NOT-FOR-US: No practical security implications CVE-2007-1557 (Format string vulnerability in F-Secure Anti-Virus Client Security ...) @@ -1938,13 +1938,13 @@ CVE-2007-1280 RESERVED CVE-2007-1279 (Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2007-1278 (Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 ...) NOT-FOR-US: Adobe JRun and Coldfusion CVE-2007-1277 (WordPress 2.1.1, as downloaded from some official distribution sites ...) - wordpress <not-affected> (orig.tar.gz not compromised) CVE-2007-1276 (Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in ...) - NOT-FOR-US: Webmin + - webmin <removed> CVE-2007-1275 RESERVED CVE-2007-1274 @@ -3619,7 +3619,7 @@ CVE-2007-0727 RESERVED CVE-2007-0726 (The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and ...) - TODO: check + NOT-FOR-US: Apple OpenSSH CVE-2007-0725 RESERVED CVE-2007-0724 (The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through ...) @@ -5748,7 +5748,8 @@ CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and Java ...) - sun-java5 1.5.0-08-1 CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...) - TODO: check, this probably also affects linux + NOTE: Access to DMA-capable hardware such as graphics cards can, + NOTE: by design, bypass security restrictions. Not a real issue. CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier ...) NOT-FOR-US: a-blog CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN ...)