joeyh at alioth.debian.org
2008-Apr-09 21:14 UTC
[Secure-testing-commits] r8503 - data/CVE
Author: joeyh
Date: 2008-04-09 21:14:14 +0000 (Wed, 09 Apr 2008)
New Revision: 8503
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-04-09 19:44:46 UTC (rev 8502)
+++ data/CVE/list 2008-04-09 21:14:14 UTC (rev 8503)
@@ -47,7 +47,7 @@
CVE-2008-1684 (inetd on Sun Solaris 10, when debug logging is enabled, allows
local ...)
NOT-FOR-US: Sun Solaris
CVE-2008-1683 (xscreensaver on Fedora 8, when an NIS authentication server is
...)
- - gnome-screensaver <unfixed> (low; bug #475154)
+ - gnome-screensaver <unfixed> (low; bug #475154)
NOTE: the description seems wrong, this does not affect xscreensaver
NOTE: contacted mitre to update description
CVE-2008-1682 (PHP remote file inclusion vulnerability in ...)
@@ -352,6 +352,7 @@
CVE-2008-1532 (Perlbal before 1.70, when buffered upload is enabled, allows
remote ...)
TODO: check
CVE-2008-1531 (lighttpd 1.4.19 and earlier allows remote attackers to cause a
denial ...)
+ {DSA-1540-1}
TODO: check
CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP
TRACE ...)
TODO: check
@@ -770,7 +771,6 @@
CVE-2008-1352 (Directory traversal vulnerability in search.php in EdiorCMS
(ecms) 3.0 ...)
NOT-FOR-US: EdiorCMS
CVE-2008-1351 (SQL injection vulnerability in the Tutorials 2.1b module for
XOOPS ...)
- {DSA-1540-1}
NOT-FOR-US: Tutorials module for XOOPS
CVE-2008-1350 (SQL injection vulnerability in kb.php in Fully Modded phpBB
(phpbbfm) ...)
NOT-FOR-US: Fully Modded phpBB
@@ -3787,7 +3787,7 @@
CVE-2008-0074 (Unspecified vulnerability in Microsoft Internet Information
Services ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-0073 (Array index error in the sdpplin_parse function in ...)
- {DSA-1536-1 DTSA-119-1}
+ {DSA-1536-1 DTSA-119-1 DTSA-121-1}
- xine-lib 1.1.11-1 (medium)
- vlc 0.8.6.e-2 (medium; bug #473057)
NOTE: http://bugs.xine-project.org/show_bug.cgi?id=58