stef-guest at alioth.debian.org
2007-Jul-25 21:11 UTC
[Secure-testing-commits] r6172 - data/CVE
Author: stef-guest Date: 2007-07-25 21:11:52 +0000 (Wed, 25 Jul 2007) New Revision: 6172 Modified: data/CVE/list Log: fixed: java unfixed: ice* NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-25 20:53:35 UTC (rev 6171) +++ data/CVE/list 2007-07-25 21:11:52 UTC (rev 6172) @@ -371,27 +371,30 @@ CVE-2007-3699 RESERVED CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...) - TODO: check + - sun-java5 1.5.0-12-1 + - sun-java6 6-02-1 + [sarge] - sun-java5 <no-dsa> (non-free not supported) + [etch] - sun-java6 <no-dsa> (non-free not supported) CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...) - TODO: check + NOT-FOR-US: FlashBB CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...) - TODO: check + NOT-FOR-US: CA ERwin Data Model Validator CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...) - TODO: check + NOT-FOR-US: CA ERwin CVE-2007-3694 RESERVED CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...) - TODO: check + NOT-FOR-US: gobi CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...) - TODO: check + NOT-FOR-US: EZFactory KDDI Download CGI CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...) - TODO: check + NOT-FOR-US: AV Tutorial CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...) - TODO: check + NOT-FOR-US: Forward module for Drupal CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...) - TODO: check + NOT-FOR-US: Print module for Drupal CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...) - TODO: check + NOT-FOR-US: DotClear CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...) TODO: check CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...) @@ -1836,7 +1839,9 @@ - mozilla <removed> (low) - xulrunner <unfixed> (low) CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...) - TODO: check + - iceweasel <unfixed> + - iceape <unfixed> + - xulrunner <unfixed> CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...) - iceweasel <not-affected> (Only affects Windows versions of Firefox) CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...) @@ -1948,21 +1953,21 @@ CVE-2007-3019 RESERVED CVE-2007-3018 (activeWeb contentserver CMS before 5.6.2964 does not limit the ...) - TODO: check + NOT-FOR-US: activeWeb contentserver CMS CVE-2007-3017 (The WYSIWYG editor applet in activeWeb contentserver CMS before ...) - TODO: check + NOT-FOR-US: activeWeb contentserver CMS CVE-2007-3016 RESERVED CVE-2007-3015 RESERVED CVE-2007-3014 (Multiple cross-site scripting (XSS) vulnerabilities in activeWeb ...) - TODO: check + NOT-FOR-US: activeWeb contentserver CMS CVE-2007-3013 (SQL injection vulnerability in activeWeb contentserver before 5.6.2964 ...) - TODO: check + NOT-FOR-US: activeWeb contentserver CMS CVE-2007-3012 (The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch ...) - TODO: check + NOT-FOR-US: Fujitsu-Siemens CVE-2007-3011 (The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens ...) - TODO: check + NOT-FOR-US: Fujitsu-Siemens CVE-2007-3010 RESERVED CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)