Author: nion Date: 2007-12-07 13:05:10 +0000 (Fri, 07 Dec 2007) New Revision: 7538 Modified: data/CVE/list Log: new issue: linux-ftpd-ssl (CVE-2007-6263) NFUs CVE-2007-6262 does only affect vlc on windows CVE-2007-5972 unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-07 09:14:08 UTC (rev 7537) +++ data/CVE/list 2007-12-07 13:05:10 UTC (rev 7538) @@ -1,13 +1,13 @@ CVE-2007-6264 RESERVED CVE-2007-6263 (The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, ...) - TODO: check + - linux-ftpd-ssl <unfixed> (low; bug #454733) CVE-2007-6262 (A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before ...) - TODO: check + - vlc <not-affected> (Windows only issue) CVE-2007-6261 (Integer overflow in the load_threadstack function in the Mach-O loader ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2007-6260 (The installation process for Oracle 10g and llg uses accounts with ...) - TODO: check + NOT-FOR-US: Oracle CVE-2004-2758 (Multiple unspecified vulnerabilities in the H.323 protocol ...) TODO: check CVE-2007-6259 @@ -171,7 +171,7 @@ CVE-2007-6195 RESERVED CVE-2007-6194 (Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 ...) - TODO: check + NOT-FOR-US: HP Select Identity CVE-2007-6193 (The web management interface in Citrix NetScaler 8.0 build 47.8 stores ...) NOT-FOR-US: Citrix CVE-2007-6192 (The web management interface in Citrix NetScaler 8.0 build 47.8 uses ...) @@ -687,6 +687,8 @@ CVE-2007-5973 (SQL injection vulnerability in articles.php in JPortal 2.3.1 and ...) NOT-FOR-US: JPortal CVE-2007-5972 (Double-free vulnerability in the krb5_def_store_mkey function in ...) + - krb5 <unfixed> (unimportant) + NOTE: potential attackers must have privileges to store the krb5kdc master key TODO: check CVE-2007-5971 (Double-free vulnerability in the gss_krb5int_make_seal_token_v3 ...) TODO: check
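Review bot: in the first hunk (@@ -1,13 +1,13 @@), the CVE-2007-6263 entry records only linux-ftpd-ssl, while the description attributes the flaw to the dataconn function in ftpd.c of netkit ftpd 0.17. If any other package in the archive ships that ftpd.c, it needs its own status line. If the problem is confined to the SSL variant, a NOTE saying so would let readers see that the other packages were checked rather than overlooked.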
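Review bot: in the last hunk (@@ -687,6 +687,8 @@), the CVE-2007-5972 entry keeps its "TODO: check" line after the added "- krb5 <unfixed> (unimportant)" line and NOTE, so the entry reads as both triaged and still pending. The other hunks in this commit replace "TODO: check" with the triage result. Drop the line here as well, or if something remains open, state what it is in the NOTE.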