Author: stef-guest Date: 2007-05-11 19:43:59 +0000 (Fri, 11 May 2007) New Revision: 5825 Modified: data/CVE/list Log: CVE-2007-2525 linux CVE-2007-2500 gnash CVE-2005-4836 tomcat4 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-11 19:25:17 UTC (rev 5824) +++ data/CVE/list 2007-05-11 19:43:59 UTC (rev 5825) @@ -126,7 +126,7 @@ CVE-2007-2526 (Heap-based buffer overflow in the ConnectAsyncEx function in VNC ...) TODO: check CVE-2007-2525 (Memory leak in the PPPoE socket implementation in the Linux kernel ...) - TODO: check + - linux-2.6 <unfixed> CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...) TODO: check CVE-2007-2523 @@ -177,7 +177,7 @@ CVE-2007-2501 (Eval injection vulnerability in codepress.html in CodePress before ...) TODO: check CVE-2007-2500 (server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash ...) - TODO: check + - gnash <unfixed> (bug #423433) CVE-2007-2499 (Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and ...) TODO: check CVE-2007-2498 (libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote ...) @@ -1612,7 +1612,7 @@ CVE-2005-4837 (snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before ...) - net-snmp 5.2.2-1 (medium) CVE-2005-4836 (The HTTP/1.1 connector in Apache Tomcat 4.1.15 and later does not ...) - TODO: check + - tomcat4 <no-dsa> (affects deprecated HTTP/1.1 connector only) CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable] - initramfs-tools 0.85g (low; bug #417995) CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not ...)