stef-guest at alioth.debian.org
2007-May-17 10:32 UTC
[Secure-testing-commits] r5860 - data/CVE
Author: stef-guest Date: 2007-05-17 10:32:14 +0000 (Thu, 17 May 2007) New Revision: 5860 Modified: data/CVE/list Log: CVE-2007-2645 new libexif issue CVE-2007-269[1-3] new mysql issues NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-17 09:43:04 UTC (rev 5859) +++ data/CVE/list 2007-05-17 10:32:14 UTC (rev 5860) @@ -27,27 +27,33 @@ CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace application ...) TODO: check CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2700 (The WLST script generated by the configToScript command in BEA ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2699 (The Administration Console in BEA WebLogic Express and WebLogic Server ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2698 (The Administration Console in BEA WebLogic Server 9.0 may show ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2697 (The embedded LDAP server in BEA WebLogic Express and WebLogic Server ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2696 (The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2695 (The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2694 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-2693 (MySQL before 5.1.18 allows remote authenticated users without SELECT ...) - TODO: check + - mysql-dfsg-5.0 <unfixed> (bug #424778) + [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830) + [sarge] - mysql-dfsg <unfixed> CVE-2007-2692 (The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x ...) - TODO: check + - mysql-dfsg-5.0 5.0.41-1 (bug #424778) + [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830) + [sarge] - mysql-dfsg <unfixed> CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does ...) - TODO: check + - mysql-dfsg-5.0 <unfixed> (bug #424778) + [sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830) + [sarge] - mysql-dfsg <unfixed> CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G, and M ...) TODO: check CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain ...) @@ -139,7 +145,7 @@ CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted ...) TODO: check CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in ...) - TODO: check + - libexif <unfixed> (bug #424775) CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional ...) TODO: check CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow Designs ...)