Author: nion Date: 2007-10-12 15:25:12 +0000 (Fri, 12 Oct 2007) New Revision: 6917 Modified: data/CVE/list Log: new issue: CVE-2007-5372 sql-ledger NFU new issue: CVE-2007-4992 firebird1.5 CVE-2007-4992 firebird2.0 fixed in 2.0.3.12981.ds1-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-12 12:54:19 UTC (rev 6916) +++ data/CVE/list 2007-10-12 15:25:12 UTC (rev 6917) @@ -5,7 +5,7 @@ CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line argument ...) - ldapscripts <unfixed> (bug #445582; medium) CVE-2007-5372 (Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ...) - TODO: check + - sql-ledger <unfixed> (low; bug #446366) CVE-2007-5371 (Multiple SQL injection vulnerabilities in mutate_content.dynamic.php ...) NOT-FOR-US: MODx CVE-2007-5370 (Multiple cross-site scripting (XSS) vulnerabilities in ...) @@ -583,7 +583,7 @@ CVE-2007-5170 (Unspecified vulnerability in the embedded service processor (SP) ...) NOT-FOR-US: Sun Fire CVE-2007-5169 (Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and ...) - TODO: check + NOT-FOR-US: Adobe PageMaker CVE-2007-5168 (Multiple PHP remote file inclusion vulnerabilities in ClanLite ...) NOT-FOR-US: Clan lite CVE-2007-5167 (PHP remote file inclusion vulnerability in .systeme/fonctions.php in ...) @@ -983,7 +983,8 @@ - xen-3 <unfixed> (medium; bug #444430) - xen-3.0 <removed> CVE-2007-4992 (Stack-based buffer overflow in the process_packet function in ...) - TODO: check + - firebird1.5 <unfixed> (medium; bug #446373) + - firebird2.0 2.0.3.12981.ds1-1 (medium) CVE-2007-4991 (The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) ...) NOT-FOR-US: Microsoft Internet Security and Acceleration CVE-2007-4990 (The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 ...)