stef-guest at alioth.debian.org
2007-Aug-29 19:49 UTC
[Secure-testing-commits] r6433 - data/CVE
Author: stef-guest Date: 2007-08-29 19:49:33 +0000 (Wed, 29 Aug 2007) New Revision: 6433 Modified: data/CVE/list Log: new bugzilla issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-29 19:39:53 UTC (rev 6432) +++ data/CVE/list 2007-08-29 19:49:33 UTC (rev 6433) @@ -75,7 +75,7 @@ CVE-2007-4544 (Cross-site scripting (XSS) vulnerability in wp-newblog.php in ...) NOT-FOR-US: WordPress multi-user (MU) CVE-2007-4543 (Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla ...) - TODO: check + - bugzilla <unfixed> (bug #440106) CVE-2007-4542 (Multiple cross-site scripting (XSS) vulnerabilities in MapServer ...) TODO: check CVE-2007-4541 (Multiple cross-site scripting (XSS) vulnerabilities in Olate Download ...) @@ -83,9 +83,11 @@ CVE-2007-4540 (Multiple SQL injection vulnerabilities in download.php in Olate ...) NOT-FOR-US: Olate Download CVE-2007-4539 (The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 ...) - TODO: check + TODO: check again when new upstream is in unstable + NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected CVE-2007-4538 (email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers ...) - TODO: check + TODO: check again when new upstream is in unstable + NOTE: - bugzilla version in unstable (2.22.1) is too old to be affected CVE-2007-4537 (Heap-based buffer overflow in the Huffman decompression algorithm ...) NOT-FOR-US: Skulltag CVE-2007-4536 (TorrentTrader 1.07 and earlier sets insecure permissions for files in ...)