Author: nion Date: 2008-03-14 13:01:06 +0000 (Fri, 14 Mar 2008) New Revision: 8329 Modified: data/CVE/list Log: NFUs vdccm was removed new imagemagick/graphicsmagick issues (CVE-2008-1096) Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-03-14 12:21:55 UTC (rev 8328) +++ data/CVE/list 2008-03-14 13:01:06 UTC (rev 8329) @@ -309,39 +309,39 @@ CVE-2008-1138 (DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users ...) NOT-FOR-US: DESlock+ CVE-2008-1137 (SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) ...) - TODO: check + NOT-FOR-US: com_garyscookbook component for Mambo and Joomla! CVE-2008-1136 (The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through ...) - TODO: check + - vdccm <removed> CVE-2008-1135 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates ...) NOT-FOR-US: OMEGA CVE-2008-1134 (OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports ...) NOT-FOR-US: OMEGA CVE-2008-1133 (The Drupal.checkPlain function in Drupal 6.0 only escapes the first ...) - TODO: check + - drupal5 <not-affected> (Vulnerable code introduced in 6.x) CVE-2007-6706 (Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus ...) NOT-FOR-US: IBM Lotus Notes CVE-2007-6705 (The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client ...) NOT-FOR-US: WebSphere CVE-2007-6704 (Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass ...) - TODO: check + NOT-FOR-US: F5 FirePass CVE-2007-6703 (Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) ...) - TODO: check + - vdccm <removed> CVE-2007-6702 (goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka ...) - TODO: check + NOT-FOR-US: FS4104-AW firmware CVE-2003-1552 (Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 ...) - TODO: check + NOT-FOR-US: Uploader CVE-2003-1551 (Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2003-1550 (XOOPS 2.0, and possibly earlier versions, allows remote attackers to ...) - TODO: check + NOT-FOR-US: XOOPS CVE-2003-1549 (Cross-site scripting (XSS) vulnerability in header.php in ...) - TODO: check + NOT-FOR-US: MyABraCaDaWeb CVE-2003-1548 (MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: MyABraCaDaWeb CVE-2003-1547 (Cross-site scripting (XSS) vulnerability in block-Forums.php in the ...) - TODO: check + NOT-FOR-US: Splatt Forum module for PHP-Nuke CVE-2003-1546 (Cross-site scripting (XSS) vulnerability in gbook.php in Filebased ...) - TODO: check + NOT-FOR-US: Filebased guestbook CVE-2008-1218 (Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and ...) - dovecot 1:1.0.13-1 [etch] - dovecot <not-affected> (Vulnerable code not present) @@ -437,7 +437,8 @@ - graphicsmagick 1.1.7-13 - imagemagick 7:6.2.4.5.dfsg1-1 CVE-2008-1096 (The load_tile function in the XCF coder in coders/xcf.c in (1) ...) - TODO: check + - imagemagick <unfixed> (medium; bug #414370) + - grapicsmagick <unfixed> (medium; bug #414370) CVE-2008-1095 (Unspecified vulnerability in the Internet Protocol (IP) implementation ...) NOT-FOR-US: Sun Solaris CVE-2008-1094