Secure testing commits - Sep 2007 - r6723 - data/CVE

Author: nion
Date: 2007-09-27 11:25:24 +0000 (Thu, 27 Sep 2007)
New Revision: 6723

Modified:
   data/CVE/list
Log:
new issues: graphicsmagick, imagemagick (CVE-2007-4985, CVE-2007-4986,
CVE-2007-4987, CVE-2007-4988)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-09-27 10:42:25 UTC (rev 6722)
+++ data/CVE/list	2007-09-27 11:25:24 UTC (rev 6723)
@@ -218,19 +218,23 @@
 CVE-2007-4992
 	RESERVED
 CVE-2007-4991 (The SOCKS4 Proxy in Microsoft Internet Security and Acceleration
(ISA) ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Security and Acceleration
 CVE-2007-4990
 	RESERVED
 CVE-2007-4989
 	RESERVED
 CVE-2007-4988 (Sign extension error in the ReadDIBImage function in ImageMagick
...)
-	TODO: check
+	- imagemagick <unfixed> (medium; bug #444267)
+	- graphicsmagick <unfixed> (medium; bug #444266)
 CVE-2007-4987 (Off-by-one error in the ReadBlobString function in blob.c in
...)
-	TODO: check
+	- imagemagick <unfixed> (medium; bug #444267)
+	- graphicsmagick <unfixed> (medium; bug #444266)
 CVE-2007-4986 (Multiple integer overflows in ImageMagick before 6.3.5-9 allow
...)
-	TODO: check
+	- imagemagick <unfixed> (medium; bug #444267)
+	- graphicsmagick <unfixed> (medium; bug #444266)
 CVE-2007-4985 (ImageMagick before 6.3.5-9 allows context-dependent attackers to
cause ...)
-	TODO: check
+	- imagemagick <unfixed> (medium; bug #444267)
+	- graphicsmagick <unfixed> (medium; bug #444266)
 CVE-2007-4984 (SQL injection vulnerability in index.php in the Ktauber.com
StylesDemo ...)
 	NOT-FOR-US: StylesDemo
 CVE-2007-4983 (Directory traversal vulnerability in the JetAudio.Interface.1
ActiveX ...)