[Secure-testing-commits] r7458 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sat Dec 1 14:59:23 UTC 2007


Author: nion
Date: 2007-12-01 14:59:22 +0000 (Sat, 01 Dec 2007)
New Revision: 7458

Modified:
   data/CVE/list
Log:
NFUs
new issue: acidbase (CVE-2007-6156)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-01 14:22:40 UTC (rev 7457)
+++ data/CVE/list	2007-12-01 14:59:22 UTC (rev 7458)
@@ -37,11 +37,11 @@
 CVE-2007-6181 (Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier ...)
 	NOT-FOR-US: Cygwin
 CVE-2007-6180 (Race condition in the Remote Procedure Call kernel module (rpcmod) in ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2007-6179 (Multiple PHP remote file inclusion vulnerabilities in Charray's CMS ...)
 	NOT-FOR-US: Charray's CMS
 CVE-2007-6178 (Multiple PHP remote file inclusion vulnerabilities in Easy Hosting ...)
-	TODO: check
+	NOT-FOR-US: Easy Hosting Control Panel for Ubuntu
 CVE-2007-6177 (PHP remote file inclusion vulnerability in Exchange/include.php in ...)
 	NOT-FOR-US: PHP-CON
 CVE-2007-6176 (kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote ...)
@@ -57,31 +57,31 @@
 CVE-2007-6169 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty ...)
 	NOT-FOR-US: GOUAE DWD Realty
 CVE-2007-6168 (SQL injection vulnerability in default.asp in VU Case Manager allows ...)
-	TODO: check
+	NOT-FOR-US: VU Case Manager
 CVE-2007-6167 (yast2-core includes the current working directory in its search path, ...)
-	TODO: check
+	NOT-FOR-US: Yast2
 CVE-2007-6166 (Stack-based buffer overflow in Apple QuickTime 7.2 and 7.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-6165 (Mail in Apple Mac OS X Leopard allows user-assisted remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2007-6164 (Multiple SQL injection vulnerabilities in Eurologon CMS allow remote ...)
-	TODO: check
+	NOT-FOR-US: Eurologon CMS
 CVE-2007-6163 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty ...)
-	TODO: check
+	NOT-FOR-US: GOUAE DWD Realty
 CVE-2007-6162 (Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe ...)
-	TODO: check
+	NOT-FOR-US: FMDeluxe
 CVE-2007-6161 (index.php in Tilde CMS 4.x and earlier allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6160 (Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6159 (SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6158 (Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs ...)
-	TODO: check
+	NOT-FOR-US: Proverbs Web Calendar
 CVE-2007-6157 (Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery ...)
-	TODO: check
+	NOT-FOR-US: SimpleGallery
 CVE-2007-6156 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	- acidbase <unfixed> (low; bug #453838)
 CVE-2007-6155
 	RESERVED
 CVE-2007-6154
@@ -97,33 +97,33 @@
 CVE-2007-6148
 	RESERVED
 CVE-2007-6147 (Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE ...)
-	TODO: check
+	NOT-FOR-US: IAPR COMMENCE
 CVE-2007-6146 (Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on ...)
-	TODO: check
+	NOT-FOR-US: JP1/File Transmission Server/FTP on windows
 CVE-2007-6145 (Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP ...)
-	TODO: check
+	NOT-FOR-US: Hitachi JP1/File Transmission Server/FTP
 CVE-2007-6144 (Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: Xunlei Thunder
 CVE-2007-6143 (SQL injection vulnerability in default.asp (aka the Login Page) in VU ...)
-	TODO: check
+	NOT-FOR-US: VU Case Manager
 CVE-2007-6142 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
-	TODO: check
+	NOT-FOR-US: JAF CMS
 CVE-2007-6141 (Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 ...)
-	TODO: check
+	NOT-FOR-US: vBTube
 CVE-2007-6140 (Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Dora Emlak
 CVE-2007-6139 (PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox ...)
-	TODO: check
+	NOT-FOR-US: Mp3 ToolBox
 CVE-2007-6138 (SQL injection vulnerability in redir.asp in VU Mass Mailer allows ...)
-	TODO: check
+	NOT-FOR-US: VU Mass Mailer
 CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52 ...)
-	TODO: check
+	NOT-FOR-US: Content Injector
 CVE-2007-6136 (Multiplce cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: M2Scripts MySpace Scripts
 CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in ...)
-	TODO: check
+	NOT-FOR-US: PHPSlideShow
 CVE-2007-6134 (SQL injection vulnerability in pkinc/public/article.php in PHPKIT ...)
-	TODO: check
+	NOT-FOR-US: PHPKIT
 CVE-2007-6133 (PHP remote file inclusion vulnerability in admin/kfm/initialise.php in ...)
 	TODO: check
 CVE-2007-XXXX [zabbix-agent runs as gid 0]




More information about the Secure-testing-commits mailing list