Author: nion
Date: 2007-11-18 17:01:41 +0000 (Sun, 18 Nov 2007)
New Revision: 7351
Modified:
data/CVE/list
Log:
CVE-2007-6000 is unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-18 13:51:14 UTC (rev 7350)
+++ data/CVE/list 2007-11-18 17:01:41 UTC (rev 7351)
@@ -21,11 +21,12 @@
CVE-2007-6001 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
- bandersnatch <unfixed> (low; bug #435709)
CVE-2007-6000 (KDE Konqueror 3.5.6 and earlier allows remote attackers to
cause a ...)
- TODO: check
+ - kdebase <unfixed> (unimportant; bug #451794)
NOTE: not reproducible with 4:3.5.8.dfsg.1-1, poked maintainer
- NOTE: on etch it seems konqueror only treats the cookie value until
some special length
+ NOTE: it seems konqueror only treats the cookie value until some
special length
NOTE: as cookie, after this length it will open the rest as site
content. This eats alot
- NOTE: ram and cpu but depending on how much ram the system has,
konqueror does not crash.
+ NOTE: ram and cpu but depending on how much ram the system has,
konqueror will die after
+ NOTE: no memory is left, not treated as security problem.
CVE-2007-5999 (SQL injection vulnerability in product_desc.php in Softbiz
Auctions ...)
NOT-FOR-US: Softbiz
CVE-2007-5998 (SQL injection vulnerability in ads.php in Softbiz Ad Management
plus ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
