thijs at alioth.debian.org
2007-Nov-09 22:04 UTC
[Secure-testing-commits] r7260 - data/CVE
Author: thijs Date: 2007-11-09 22:04:13 +0000 (Fri, 09 Nov 2007) New Revision: 7260 Modified: data/CVE/list Log: iceweasel: crashes not security problems phpbb2: too old some other too old NFU''s Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-09 21:14:09 UTC (rev 7259) +++ data/CVE/list 2007-11-09 22:04:13 UTC (rev 7260) @@ -5,9 +5,10 @@ CVE-2007-5898 RESERVED CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...) - TODO: check + - iceweasel <unfixed> (unimportant) + NOTE: Browser crashes not treated as security problems CVE-2007-5895 RESERVED CVE-2007-5894 @@ -15,29 +16,29 @@ CVE-2006-7224 (Multiple integer overflows in Perl-Compatible Regular Expression ...) TODO: check CVE-2004-2748 (viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition ...) - TODO: check + NOT-FOR-US: WebTrends Reporting Center CVE-2004-2747 (Directory traversal vulnerability in Pablo Software Solutions Quick ''n ...) - TODO: check + NOT-FOR-US: Quick ''n Easy FTP Server (Windows only) CVE-2004-2746 (SQL injection vulnerability in adminlogin.asp in XTREME ASP Photo ...) - TODO: check + NOT-FOR-US: XTREME ASP Photo Gallery CVE-2003-1536 (Multiple cross-site scripting (XSS) vulnerabilities in Codeworx ...) - TODO: check + NOT-FOR-US: Codeworx Technologies DCP-Portal CVE-2003-1535 (Justice Guestbook 1.3 allows remote attackers to obtain the full ...) - TODO: check + NOT-FOR-US: Justice Guestbook CVE-2003-1534 (Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice ...) - TODO: check + NOT-FOR-US: Justice Guestbook CVE-2003-1533 (SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows ...) - TODO: check + NOT-FOR-US: PhpPass CVE-2003-1532 (SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows ...) - TODO: check + NOT-FOR-US: PhpMyShop CVE-2003-1531 (Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi ...) - TODO: check + NOT-FOR-US: Lilikoi Software Ceilidh CVE-2003-1530 (SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier ...) - TODO: check + - phpbb2 <not-affected> (Vulnerable versions too old to have been in Debian) CVE-2003-1529 (Directory traversal vulnerability in Seagull Software Systems J Walk ...) - TODO: check + NOT-FOR-US: Seagull Software Systems J Walk CVE-2003-1528 (nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to ...) - TODO: check + NOT-FOR-US: Fujitsu Siemens NetWorker CVE-2007-5893 (HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote ...) NOT-FOR-US: Sockets Library CVE-2007-5892 (Stack-based buffer overflow in the pdg2.dll ActiveX control in ...)