[Secure-testing-commits] r6230 - data/CVE
fw at alioth.debian.org
Sat Aug 4 11:21:10 UTC 2007
Author: fw
Date: 2007-08-04 11:21:09 +0000 (Sat, 04 Aug 2007)
New Revision: 6230
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-04 11:20:05 UTC (rev 6229)
+++ data/CVE/list 2007-08-04 11:21:09 UTC (rev 6230)
@@ -163,7 +163,7 @@
CVE-2007-4041 (Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 ...)
TODO: check
CVE-2007-4040 (Argument injection vulnerability involving Microsoft Outlook and ...)
- TODO: check
+ NOT-FOR-US: Micrsoft Outlook
CVE-2007-4039 (Argument injection vulnerability involving Mozilla, when certain URIs ...)
TODO: check
CVE-2007-4038 (Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, ...)
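Review bot: The new tag for CVE-2007-4040 is misspelled: "NOT-FOR-US: Micrsoft Outlook" should read "NOT-FOR-US: Microsoft Outlook". The free-text product name is the only thing a later grep for "Microsoft" has to match on, and the other Microsoft entries in this commit spell it correctly, so this one would be missed.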
@@ -852,7 +852,7 @@
- clamav 0.91-1
[sarge] - clamav <not-affected> (Vulnerable code was introduced in 0.9x)
CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows XP
CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of ...)
TODO: check
CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...)
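Review bot: CVE-2007-3723, the context line directly below the changed entry, describes the process scheduler in the Sun Solaris kernel in the same terms as CVE-2007-3724 and is left at "TODO: check". If the Windows XP entry is NOT-FOR-US, the Solaris entry can be triaged on the same grounds in this commit. CVE-2007-3722 (the FreeBSD 4BSD scheduler) is a different case and should stay at TODO until it has actually been checked.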
@@ -880,15 +880,15 @@
CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...)
NOT-FOR-US: TippingPoint IPS
CVE-2007-3710 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: PHP Comet-Server
CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...)
- TODO: check
+ NOT-FOR-US: CodeIgniter
CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before ...)
- TODO: check
+ NOT-FOR-US: CodeIgniter
CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 ...)
- TODO: check
+ NOT-FOR-US: CodeIgniter
CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 ...)
- TODO: check
+ NOT-FOR-US: CodeIgniter
CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...)
NOT-FOR-US: FuseTalk
CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...)
@@ -896,7 +896,7 @@
CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...)
NOT-FOR-US: Zenturi ProgramChecker
CVE-2007-3702 (Directory traversal vulnerability in the load function in ...)
- TODO: check
+ NOT-FOR-US: Mail Machine
CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...)
NOT-FOR-US: TippingPoint IPS
CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...)
@@ -928,27 +928,27 @@
CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...)
NOT-FOR-US: DotClear
CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...)
- TODO: check
+ NOT-FOR-US: Inferno Technologies
CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...)
- TODO: check
+ NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive ...)
- TODO: check
+ NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...)
- TODO: check
+ NOT-FOR-US: Unobtrusive Ajax Star Rating Bar
CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and ...)
- TODO: check
+ NOT-FOR-US: Aigaion
CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier ...)
- TODO: check
+ NOT-FOR-US: OpenLD
CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in ...)
- TODO: check
+ NOT-FOR-US: WinPcap
CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2007-3679 (The Citrix EPA ActiveX control (aka the "endpoint checking control" or ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...)
- TODO: check
+ NOT-FOR-US: QuarkXPress
CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...)
- TODO: check
+ NOT-FOR-US: Maxsi eVisit Analyst
CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on ...)
TODO: check
CVE-2007-3676
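Review bot: Two tags in this hunk name only the vendor where the description names a specific product: "NOT-FOR-US: Inferno Technologies" for CVE-2007-3687 (inferno.php) and "NOT-FOR-US: Citrix" for CVE-2007-3679 (the Citrix EPA ActiveX control). The other entries here (Aigaion, OpenLD, WinPcap, Maxsi eVisit Analyst) use the product name; doing the same for these two keeps the tags searchable and avoids implying that everything from the vendor is out of scope.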
@@ -958,38 +958,38 @@
CVE-2007-3674
RESERVED
CVE-2007-3673 (Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus ...)
- TODO: check
+ NOT-FOR-US: Symantec AntiVirus
CVE-2007-3672 (Cross-site scripting (XSS) vulnerability in ecrire/tools.php in ...)
- TODO: check
+ NOT-FOR-US: DotClear
CVE-2007-3671 (Unspecified vulnerability in the kernel in Microsoft Windows Vista has ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2007-3670 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
- iceweasel <not-affected> (Only affects Firefox/Thunderbird on Windows)
- icedove <not-affected> (Only affects Firefox/Thunderbird on Windows)
CVE-2007-3669 (Multiple unspecified vulnerabilities in the Innovasys DockStudioXP ...)
- TODO: check
+ NOT-FOR-US: InnovaDSXP2.OCX ActiveX Control
CVE-2007-3668 (Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia ...)
- TODO: check
+ NOT-FOR-US: NMSDVDXLib
CVE-2007-3667 (Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport ...)
- TODO: check
+ NOT-FOR-US: ActiveReportsExcelReport
CVE-2007-3666 (Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 ...)
- TODO: check
+ NOT-FOR-US: Symantec Ghost
CVE-2007-3665 (Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec Ghost
CVE-2007-3664 (Multiple unspecified vulnerabilities in Eltima Software RunService ...)
- TODO: check
+ NOT-FOR-US: Eltima Software
CVE-2007-3663 (Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows ...)
- TODO: check
+ NOT-FOR-US: guliverkli Media Player Classic
CVE-2007-3662 (Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote ...)
- TODO: check
+ NOT-FOR-US: guliverkli Media Player Classic
CVE-2007-3661 (Eltima Software Virtual Serial Port (VSPAX) ActiveX control ...)
- TODO: check
+ NOT-FOR-US: Eltima Software
CVE-2007-3660 (The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows ...)
- TODO: check
+ NOT-FOR-US: Nonnoi
CVE-2007-3659 (Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 ...)
- TODO: check
+ NOT-FOR-US: FreeWRL
CVE-2007-3658 (Unspecified vulnerability in Microsoft Register Server (REGSVR) allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-3657 (** DISPUTED ** ...)
TODO: check
CVE-2007-3656 (Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not ...)
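Review bot: The tags for CVE-2007-3669 and CVE-2007-3668 use component identifiers ("InnovaDSXP2.OCX ActiveX Control", "NMSDVDXLib") that do not appear in the visible descriptions, which name Innovasys DockStudioXP and NuMedia. Use the product names from the descriptions so the reason for the NFU can be read off the list without opening the CVE. In the same hunk the Microsoft entries are tagged at two levels of detail ("Microsoft Windows" for CVE-2007-3671, bare "Microsoft" for CVE-2007-3658), and "Symantec Ghost" drops the "Norton" that the CVE-2007-3666 description uses; one naming convention per product would help.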
@@ -1010,31 +1010,31 @@
CVE-2007-3650
RESERVED
CVE-2007-3649 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
CVE-2007-3648 (SQL injection vulnerability in Webmatic before 2.6.2, and possibly ...)
NOT-FOR-US: WebMatic
CVE-2007-3647 (The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and ...)
- TODO: check
+ NOT-FOR-US: phpTrafficA
CVE-2007-3646 (SQL injection vulnerability in index.php in FlashGameScript 1.7 and ...)
- TODO: check
+ NOT-FOR-US: FlashGameScript
CVE-2007-3645 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...)
- libarchive 2.2.4-1 (bug #432924; low)
CVE-2007-3644 (archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...)
- libarchive 2.2.4-1 (bug #432924; low)
CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...)
- TODO: check
+ NOT-FOR-US: AV Arcade
CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...)
- linux-2.6 2.6.22-2
CVE-2007-3641 (archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...)
- libarchive 2.2.4-1 (bug #432924; low)
CVE-2007-3640 (Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent ...)
- TODO: check
+ NOT-FOR-US: Adobe Apollo
CVE-2007-3639 (WordPress before 2.2.2 allows remote attackers to redirect visitors to ...)
TODO: check
CVE-2007-3638 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote ...)
- TODO: check
+ NOT-FOR-US: Yahoo! Messenger
CVE-2007-3637 (SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: MKPortal
CVE-2007-3636 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for ...)
TODO: check
CVE-2007-3635 (Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before ...)
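Review bot: "NOT-FOR-US: Adobe Apollo" for CVE-2007-3640 uses the alias rather than the primary name in the description, "Adobe Integrated Runtime (AIR, aka Apollo)"; "Adobe AIR" would be easier to find later. The tag for CVE-2007-3649, "Hewlett-Packard (HP) Photo Digital Imaging ActiveX control", repeats the vendor in two forms and could be shortened to the product name in line with the single-name tags used for phpTrafficA, FlashGameScript and MKPortal.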
@@ -1042,7 +1042,7 @@
CVE-2007-3634 (Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for ...)
TODO: check
CVE-2007-3633 (Absolute path traversal vulnerability in the Chilkat Software Chilkat ...)
- TODO: check
+ NOT-FOR-US: Chilkat Software
CVE-2007-3632 (Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka ...)
TODO: check
CVE-2007-3631 (SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 ...)