Author: nion Date: 2007-10-23 15:01:20 +0000 (Tue, 23 Oct 2007) New Revision: 7075 Modified: data/CVE/list Log: NFUs new issue: CVE-2007-5598 drupal (low) Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-23 14:38:30 UTC (rev 7074) +++ data/CVE/list 2007-10-23 15:01:20 UTC (rev 7075) @@ -42,13 +42,15 @@ CVE-2007-5602 RESERVED CVE-2007-5601 (Stack-based buffer overflow in the Database Component in MPAMedia.dll ...) - TODO: check + NOT-FOR-US: RealPlayer (windows only issue) CVE-2007-5600 (Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 ...) - TODO: check + NOT-FOR-US: Artmedic CMS CVE-2007-5599 (Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow ...) - TODO: check + NOT-FOR-US: awrate CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x ...) - TODO: check + - drupal5 <unfixed> (low; bug #447748) + - drupal4.7 <unfixed> (low; bug #447746) + CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 ...) - drupal5 5.3-1 - drupal 4.7.8-1