white at alioth.debian.org
2007-Oct-21 14:06 UTC
[Secure-testing-commits] r7050 - data/CVE
Author: white Date: 2007-10-21 14:06:55 +0000 (Sun, 21 Oct 2007) New Revision: 7050 Modified: data/CVE/list Log: Add some of these nice blacklist problems with fckeditor Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-21 13:44:15 UTC (rev 7049) +++ data/CVE/list 2007-10-21 14:06:55 UTC (rev 7050) @@ -1342,6 +1342,8 @@ NOT-FOR-US: PHP Fidonet Tosser CVE-2007-5156 (Incomplete blacklist vulnerability in ...) - knowledgeroot 0.9.8.4-1.1 (medium; bug #444928) + - moin <unfixed> + - karrigell <unfixed> CVE-2007-5155 (IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect ...) NOT-FOR-US: ICEOWS CVE-2007-5154 (Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and ...) @@ -7256,7 +7258,9 @@ CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...) NOTE: Duplicate of CVE-2007-2589 CVE-2007-2630 (Incomplete blacklist vulnerability in ...) - NOT-FOR-US: ActiveCampaign products + - moin <unfixed> + - karrigell <unfixed> + - knowledgeroot 0.9.8.2-2 CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...) NOT-FOR-US: Bradford CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...) @@ -28514,6 +28518,8 @@ NOT-FOR-US: Runcms CVE-2006-0658 (Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 ...) - knowledgeroot <not-affected> (fixed before first upload; see bug #381912) + - moin <unfixed> + - karrigell <unfixed> CVE-2006-0657 (Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event ...) NOT-FOR-US: Softcomplex CVE-2006-0656 (Directory traversal vulnerability in HP Systems Insight Manager 4.2 ...)