Author: nion Date: 2007-11-18 17:01:41 +0000 (Sun, 18 Nov 2007) New Revision: 7351 Modified: data/CVE/list Log: CVE-2007-6000 is unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-18 13:51:14 UTC (rev 7350) +++ data/CVE/list 2007-11-18 17:01:41 UTC (rev 7351) @@ -21,11 +21,12 @@ CVE-2007-6001 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - bandersnatch <unfixed> (low; bug #435709) CVE-2007-6000 (KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a ...) - TODO: check + - kdebase <unfixed> (unimportant; bug #451794) NOTE: not reproducible with 4:3.5.8.dfsg.1-1, poked maintainer - NOTE: on etch it seems konqueror only treats the cookie value until some special length + NOTE: it seems konqueror only treats the cookie value until some special length NOTE: as cookie, after this length it will open the rest as site content. This eats alot - NOTE: ram and cpu but depending on how much ram the system has, konqueror does not crash. + NOTE: ram and cpu but depending on how much ram the system has, konqueror will die after + NOTE: no memory is left, not treated as security problem. CVE-2007-5999 (SQL injection vulnerability in product_desc.php in Softbiz Auctions ...) NOT-FOR-US: Softbiz CVE-2007-5998 (SQL injection vulnerability in ads.php in Softbiz Ad Management plus ...)
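Review bot: the reworded NOTE in the CVE-2007-6000 entry drops "on etch", so the entry no longer records which release the cookie-length behaviour was observed on. The retained note still says the issue is not reproducible with 4:3.5.8.dfsg.1-1, while the added line marks kdebase as <unfixed> and the new notes say konqueror will die once no memory is left. Suggest keeping the release or version in the note (for example "NOTE: on etch it seems konqueror only treats ...") so a reader can tell which versions show the memory exhaustion and which do not. The reason for the "unimportant" rating ("not treated as security problem") is also appended to the end of the behaviour description. It would be easier to find as its own NOTE line.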