joeyh at alioth.debian.org
2007-Aug-01 21:14 UTC
[Secure-testing-commits] r6212 - data/CVE
Author: joeyh Date: 2007-08-01 21:14:07 +0000 (Wed, 01 Aug 2007) New Revision: 6212 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-01 20:42:38 UTC (rev 6211) +++ data/CVE/list 2007-08-01 21:14:07 UTC (rev 6212) @@ -794,29 +794,29 @@ CVE-2007-3739 RESERVED CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceape 1.1.3-1 (medium) - xulrunner 1.8.1.5-1 (medium) - iceweasel 2.0.0.5-1 (medium) CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) - iceweasel 2.0.0.5-1 (high) CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.5-1 (high) - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.5-1 (high) - icedove <unfixed> (low) NOTE: Affects only broken setups, enabling js in Icedove is strongly not recommended - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.5-1 (high) - icedove <unfixed> (high) - iceape 1.1.3-1 (high) @@ -984,7 +984,7 @@ CVE-2007-3657 (** DISPUTED ** ...) TODO: check CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.5-1 (high) - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) @@ -2336,7 +2336,7 @@ - mozilla <removed> (medium) - xulrunner <unfixed> (medium) CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.5-1 (low) - iceape 1.1.3-1 (low) - xulrunner 1.8.1.5-1 (low) @@ -2809,7 +2809,7 @@ NOTE: Only triggerable by malicious script NOTE: Fix from 5.2.3 was ineffective CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} NOTE: MFSA2007-17 - iceweasel 2.0.0.4-1 (low) - iceape 1.1.2-1 (low) @@ -2817,7 +2817,7 @@ - mozilla <removed> (low) - xulrunner 1.8.1.4-1 (low) CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} NOTE: MFSA2007-16 - iceweasel 2.0.0.4-1 (medium) - iceape 1.1.2-1 (medium) @@ -2833,7 +2833,7 @@ - mozilla <removed> (unimportant) - xulrunner 1.8.1.4-1 (unimportant) CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...) - {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1} NOTE: MFSA2007-12 - iceweasel 2.0.0.4-1 (high) - iceape 1.1.2-1 (high) @@ -2844,7 +2844,7 @@ - xulrunner 1.8.1.4-1 (high) [sarge] - mozilla-thunderbird <unfixed> (low) CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox ...) - {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1} NOTE: MFSA2007-12 - iceweasel 2.0.0.4-1 (high) - iceape 1.1.2-1 (high) @@ -5876,7 +5876,7 @@ CVE-2007-1559 (Stack-based buffer overflow in SonicDVDDashVRNav.dll in Roxio ...) NOT-FOR-US: Roxio CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 ...) - {DSA-1305-1 DSA-1300-1} + {DSA-1305-1 DSA-1300-1 DTSA-46-1 DTSA-47-1} NOTE: Affects various clients, but no practical security implications NOTE: MFSA2007-15 - icedove 2.0.0.4-1 (unimportant) @@ -6378,7 +6378,7 @@ CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...) NOT-FOR-US: DropAFew CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} NOTE: MFSA2007-14 - iceape 1.1.2-1 (low) - iceweasel 2.0.0.4-1 (low) @@ -7082,7 +7082,7 @@ CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 ...) NOT-FOR-US: Microsoft Office CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} - iceweasel 2.0.0.4-1 (low) - iceape 1.1.2-1 (low) - xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)