Author: gilbert-guest Date: 2009-06-17 22:53:04 +0000 (Wed, 17 Jun 2009) New Revision: 12145 Modified: data/CVE/list Log: lenny''s webkit is vulnerable to CVE-2008-4723 Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-17 22:10:43 UTC (rev 12144) +++ data/CVE/list 2009-06-17 22:53:04 UTC (rev 12145) @@ -9932,7 +9932,9 @@ NOTE: webkit properly handles this issue with respect to extensions such as jpg and txt, but not in general; for example, the attack works for odp, xls, etc extensions (only tested with midori 0.1.4) NOTE: not reproducible using iceweasel 3.0.1 CVE-2008-4723 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...) - NOTE: Bogus ID, see https://bugzilla.redhat.com/show_bug?id=468397 + - webkit 1.1.7-1 (low; bug #520052) + NOTE: webkit in lenny is vulnerable to the proof of concept exploit + NOTE: firefox not affected, see https://bugzilla.redhat.com/468397 CVE-2008-4722 (Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) ...) NOT-FOR-US: Sun ILOM CVE-2008-4721 (PHP Jabbers Post Comment 3.0 allows remote attackers to bypass ...)