joeyh at alioth.debian.org
2007-Dec-12 09:14 UTC
[Secure-testing-commits] r7598 - data/CVE
Author: joeyh
Date: 2007-12-12 09:14:10 +0000 (Wed, 12 Dec 2007)
New Revision: 7598
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-12-12 03:28:02 UTC (rev 7597)
+++ data/CVE/list 2007-12-12 09:14:10 UTC (rev 7598)
@@ -1,3 +1,19 @@
+CVE-2007-6313
+ RESERVED
+CVE-2007-6312 (Cross-site scripting (XSS) vulnerability in the logon page in
Web ...)
+ TODO: check
+CVE-2007-6311 (SQL injection vulnerability in (1) index.php, and possibly (2)
...)
+ TODO: check
+CVE-2007-6310 (Multiple cross-site scripting (XSS) vulnerabilities in
Falt4Extreme ...)
+ TODO: check
+CVE-2007-6309 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
+ TODO: check
+CVE-2007-6308 (Cross-site scripting (XSS) vulnerability in HttpLogger 0.8.1
allows ...)
+ TODO: check
+CVE-2007-6307 (Multiple cross-site scripting (XSS) vulnerabilities in
clickstats.php ...)
+ TODO: check
+CVE-2007-6306 (Multiple cross-site scripting (XSS) vulnerabilities in the image
map ...)
+ TODO: check
CVE-2007-6305 (Multiple unspecified vulnerabilities in IBM Hardware Management
...)
NOT-FOR-US: IBM Hardware Management Console
CVE-2007-6302 (Unspecified vulnerability in Novell NetMail 3.5.2 before
Messaging ...)
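Review bot: The seven new entries from CVE-2007-6312 down to CVE-2007-6306 carry only "TODO: check", so none of them is yet tied to a Debian package or marked NOT-FOR-US the way CVE-2007-6305 is in the context lines below them. Several of the truncated descriptions name a specific product (HttpLogger 0.8.1, Falt4Extreme), which should make triage quick; each entry needs either a package line or a NOT-FOR-US line in a follow-up commit. CVE-2007-6313 is RESERVED and needs nothing until a description is published.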
@@ -221,8 +237,7 @@
CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and
2.6.x ...)
- linux-2.6 <unfixed>
NOTE: kernel-sec already tracks this
-CVE-2007-6205
- RESERVED
+CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS
sidebar ...)
- serendipity 1.2.1-1 (low)
CVE-2007-6204
RESERVED
@@ -419,7 +434,7 @@
CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig
3.2.0b6 ...)
- htdig 1:3.2.0b6-4 (low; bug #453278)
[sarge] - htdig <not-affected> (Vulnerable code not present)
-CVE-2007-6109 (Buffer overflow in emacs allows attackers to have an unknown
impact, ...)
+CVE-2007-6109 (Stack-based buffer overflow in emacs allows user-assisted
attackers to ...)
{DTSA-98-1 DTSA-99-1}
- emacs22 22.1+1-2.2 (bug #455432)
- emacs21 21.4a+1-5.2 (bug #455433)
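Review bot: Neither package line under CVE-2007-6109 ("- emacs22 22.1+1-2.2 (bug #455432)", "- emacs21 21.4a+1-5.2 (bug #455433)") records an urgency, while the htdig entry in the context above carries "(low)". Now that the description has been narrowed to a stack-based overflow reachable by user-assisted attackers, this would be a good point to assess the two packages and add an urgency to each line.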
@@ -792,7 +807,8 @@
CVE-2007-5969 (MySQL Community Server before 5.0.51, when a table relies on
symlinks ...)
- mysql-dfsg-5.0 5.0.45-4 (low; bug #455010)
TODO: check mysql 4
-CVE-2007-5968 (MySQL 5.1.x before 5.1.23 might allow attackers to gain
privileges via ...)
+CVE-2007-5968
+ REJECTED
- mysql-dfsg-5.0 <unfixed> (bug #455737)
CVE-2007-5967
RESERVED
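Review bot: CVE-2007-5968 is now REJECTED, but the context line "- mysql-dfsg-5.0 <unfixed> (bug #455737)" still hangs off it, so the entry keeps marking a package as unfixed under an identifier that has been withdrawn. The annotation should be removed, or moved to whichever CVE id supersedes this one if bug #455737 still describes a real issue, with the bug retitled to match.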
@@ -2535,7 +2551,7 @@
REJECTED
CVE-2007-5498
RESERVED
-CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs allow ...)
+CVE-2007-5497 (Multiple integer overflows in libext2fs in e2fsprogs before
1.40.3 ...)
{DSA-1422-1 DTSA-95-1}
- e2fsprogs <unfixed> (bug #454760)
CVE-2007-5496
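Review bot: The updated description for CVE-2007-5497 now reads "before 1.40.3", yet the package line below it is still "- e2fsprogs <unfixed> (bug #454760)". Check whether an e2fsprogs upload at or above 1.40.3, or one with the fix backported, has reached the archive, and replace <unfixed> with that version so the entry stops reporting the package as open.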