joeyh at alioth.debian.org
2008-Jul-04 09:14 UTC
[Secure-testing-commits] r9227 - data/CVE
Author: joeyh
Date: 2008-07-04 09:14:17 +0000 (Fri, 04 Jul 2008)
New Revision: 9227
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-04 07:26:47 UTC (rev 9226)
+++ data/CVE/list 2008-07-04 09:14:17 UTC (rev 9227)
@@ -5368,6 +5368,7 @@
CVE-2007-6695 (Cross-site scripting (XSS) vulnerability in index.php in Drake
CMS ...)
NOT-FOR-US: Drake CMS
CVE-2008-0664 (The XML-RPC implementation (xmlrpc.php) in WordPress before
2.3.3, ...)
+ {DSA-1601-1}
- wordpress 2.3.3-1 (medium; bug #464170)
NOTE: The blog has to provide user accounts
NOTE: A crafted XML-RPC request referring to a valid user can exploit this
@@ -19779,6 +19780,7 @@
CVE-2007-1600 (PHP remote file inclusion vulnerability in module.php in Digital
Eye ...)
NOT-FOR-US: Digital Eye Gallery
CVE-2007-1599 (wp-login.php in WordPress allows remote attackers to redirect
...)
+ {DSA-1601-1}
- wordpress 2.2.2-1 (bug #437085; low)
NOTE: see issue 5023 in the wordpress trac
TODO: issue 5023 seems not related and 2.2.2 changelog does not mention such a
thing.