joeyh at alioth.debian.org
2007-Aug-12 09:14 UTC
[Secure-testing-commits] r6283 - data/CVE
Author: joeyh Date: 2007-08-12 09:14:07 +0000 (Sun, 12 Aug 2007) New Revision: 6283 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-12 08:40:38 UTC (rev 6282) +++ data/CVE/list 2007-08-12 09:14:07 UTC (rev 6283) @@ -463,7 +463,7 @@ CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape Navigator 9 ...) NOT-FOR-US: Netscape Navigator CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 ...) - {DSA-1346-1 DSA-1345-1 DSA-1344-1} + {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1} - iceweasel 2.0.0.6-1 CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and ...) NOT-FOR-US: Micrsoft Outlook @@ -867,13 +867,13 @@ CVE-2007-3846 RESERVED CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x ...) - {DSA-1346-1 DSA-1345-1 DSA-1344-1} + {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1} - iceweasel 2.0.0.6-1 (medium) - xulrunner 1.8.1.6-1 (medium) - iceape 1.1.3-2 (medium) - icedove <unfixed> (medium) CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and ...) - {DSA-1346-1 DSA-1345-1 DSA-1344-1} + {DSA-1346-1 DSA-1345-1 DSA-1344-1 DTSA-51-1} - iceweasel 2.0.0.6-1 (medium) - xulrunner 1.8.1.6-1 (medium) - iceape 1.1.3-2 (medium) @@ -1105,29 +1105,29 @@ CVE-2007-3739 RESERVED CVE-2007-3738 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceape 1.1.3-1 (medium) - xulrunner 1.8.1.5-1 (medium) - iceweasel 2.0.0.5-1 (medium) CVE-2007-3737 (Mozilla Firefox before 2.0.0.5 allows remote attackers to execute ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) - iceweasel 2.0.0.5-1 (high) CVE-2007-3736 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.5-1 (high) - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) CVE-2007-3735 (Multiple unspecified vulnerabilities in the JavaScript engine in ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.5-1 (high) - icedove <unfixed> (low) NOTE: Affects only broken setups, enabling js in Icedove is strongly not recommended - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) CVE-2007-3734 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.5-1 (high) - icedove <unfixed> (high) - iceape 1.1.3-1 (high) @@ -1296,7 +1296,7 @@ CVE-2007-3657 (** DISPUTED ** ...) TODO: check CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.5-1 (high) - iceape 1.1.3-1 (high) - xulrunner 1.8.1.5-1 (high) @@ -2657,7 +2657,7 @@ - mozilla <removed> (medium) - xulrunner <unfixed> (medium) CVE-2007-3089 (Mozilla Firefox before 2.0.0.5 does not prevent use of document.write ...) - {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1} + {DSA-1339-1 DSA-1338-1 DSA-1337-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.5-1 (low) - iceape 1.1.3-1 (low) - xulrunner 1.8.1.5-1 (low) @@ -3131,7 +3131,7 @@ NOTE: Only triggerable by malicious script NOTE: Fix from 5.2.3 was ineffective CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-17 - iceweasel 2.0.0.4-1 (low) - iceape 1.1.2-1 (low) @@ -3139,7 +3139,7 @@ - mozilla <removed> (low) - xulrunner 1.8.1.4-1 (low) CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-16 - iceweasel 2.0.0.4-1 (medium) - iceape 1.1.2-1 (medium) @@ -3147,7 +3147,7 @@ - mozilla <removed> (medium) - xulrunner 1.8.1.4-1 (medium) CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before ...) - {DSA-1308-1 DSA-1306-1 DTSA-45-1} + {DSA-1308-1 DSA-1306-1 DTSA-45-1 DTSA-51-1} NOTE: MFSA2007-13 - iceweasel 2.0.0.4-1 (unimportant) - iceape 1.1.2-1 (unimportant) @@ -3155,7 +3155,7 @@ - mozilla <removed> (unimportant) - xulrunner 1.8.1.4-1 (unimportant) CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...) - {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-12 - iceweasel 2.0.0.4-1 (high) - iceape 1.1.2-1 (high) @@ -3166,7 +3166,7 @@ - xulrunner 1.8.1.4-1 (high) [sarge] - mozilla-thunderbird <unfixed> (low) CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox ...) - {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1305-1 DSA-1300-1 DTSA-45-1 DTSA-46-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-12 - iceweasel 2.0.0.4-1 (high) - iceape 1.1.2-1 (high) @@ -6701,7 +6701,7 @@ CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...) NOT-FOR-US: DropAFew CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} NOTE: MFSA2007-14 - iceape 1.1.2-1 (low) - iceweasel 2.0.0.4-1 (low) @@ -7405,7 +7405,7 @@ CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 ...) NOT-FOR-US: Microsoft Office CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...) - {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1} + {DSA-1308-1 DSA-1306-1 DSA-1300-1 DTSA-45-1 DTSA-47-1 DTSA-51-1} - iceweasel 2.0.0.4-1 (low) - iceape 1.1.2-1 (low) - xulrunner 1.8.1.4-1 (bug #415919; bug #415944; bug #415945; low)