[Secure-testing-commits] r7522 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Wed Dec 5 21:14:13 UTC 2007
Author: joeyh
Date: 2007-12-05 21:14:11 +0000 (Wed, 05 Dec 2007)
New Revision: 7522
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-12-05 21:10:54 UTC (rev 7521)
+++ data/CVE/list 2007-12-05 21:14:11 UTC (rev 7522)
@@ -1,3 +1,99 @@
+CVE-2007-6259
+ RESERVED
+CVE-2007-6258
+ RESERVED
+CVE-2007-6257
+ RESERVED
+CVE-2007-6256
+ RESERVED
+CVE-2007-6255
+ RESERVED
+CVE-2007-6254
+ RESERVED
+CVE-2007-6253
+ RESERVED
+CVE-2007-6252
+ RESERVED
+CVE-2007-6251
+ RESERVED
+CVE-2007-6250
+ RESERVED
+CVE-2007-6249
+ RESERVED
+CVE-2007-6248
+ RESERVED
+CVE-2007-6247
+ RESERVED
+CVE-2007-6246
+ RESERVED
+CVE-2007-6245
+ RESERVED
+CVE-2007-6244
+ RESERVED
+CVE-2007-6243
+ RESERVED
+CVE-2007-6242
+ RESERVED
+CVE-2007-6241 (Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have ...)
+ TODO: check
+CVE-2007-6240 (SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 ...)
+ TODO: check
+CVE-2007-6239 (The "cache update reply processing" functionality in Squid 2.x before ...)
+ TODO: check
+CVE-2007-6238 (Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows ...)
+ TODO: check
+CVE-2007-6237 (cp.php in DeluxeBB 1.09 does not verify that the membercookie ...)
+ TODO: check
+CVE-2007-6236 (Microsoft Windows Media Player (WMP) allows remote attackers to cause ...)
+ TODO: check
+CVE-2007-6235 (A certain ActiveX control in RealNetworks RealPlayer 11 allows remote ...)
+ TODO: check
+CVE-2007-6234 (index.php in FTP Admin 0.1.0 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2007-6233 (Directory traversal vulnerability in index.php in FTP Admin 0.1.0 ...)
+ TODO: check
+CVE-2007-6232 (Cross-site scripting (XSS) vulnerability in index.php in FTP Admin ...)
+ TODO: check
+CVE-2007-6231 (Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 ...)
+ TODO: check
+CVE-2007-6230 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2007-6229 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-6228 (Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ...)
+ TODO: check
+CVE-2007-6227 (QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating ...)
+ TODO: check
+CVE-2007-6226 (The American Power Conversion (APC) AP7932 0u 30amp Switched Rack ...)
+ TODO: check
+CVE-2007-6225 (Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used ...)
+ TODO: check
+CVE-2007-6224 (The RealNetworks RealAudioObjects.RealAudio ActiveX control in ...)
+ TODO: check
+CVE-2007-6223 (SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 ...)
+ TODO: check
+CVE-2007-6222 (The CheckCustomerAccess function in functions.php in CRM-CTT ...)
+ TODO: check
+CVE-2007-6221 (TuMusika Evolution 1.7R5 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2007-6220 (typespeed before 0.6.4 allows remote attackers to cause a denial of ...)
+ TODO: check
+CVE-2007-6219 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool ...)
+ TODO: check
+CVE-2007-6218 (Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 ...)
+ TODO: check
+CVE-2007-6217 (Multiple SQL injection vulnerabilities in login.asp in Irola My-Time ...)
+ TODO: check
+CVE-2007-6216 (Race condition in the Fibre Channel protocol (fcp) driver and Devices ...)
+ TODO: check
+CVE-2007-6215 (Multiple directory traversal vulnerabilities in play.php in Web-MeetMe ...)
+ TODO: check
+CVE-2007-6214 (Directory traversal vulnerability in include/file_download.php in ...)
+ TODO: check
+CVE-2007-6213 (Multiple directory traversal vulnerabilities in mod/chat/index.php in ...)
+ TODO: check
+CVE-2007-6212 (Directory traversal vulnerability in region.php in KML share 1.1 ...)
+ TODO: check
CVE-2008-0010
RESERVED
CVE-2008-0009
@@ -35,13 +131,14 @@
NOTE: apache 1.3 is not vulnerable
CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
- claws-mail 3.1.0-2 (low; bug #454089)
-CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX runs "UserParameter" scripts with gid 0, ...)
+CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" ...)
+ {DSA-1420-1}
- zabbix <unfixed> (bug #452682)
CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in Neocrome ...)
NOT-FOR-US: Neocrome Seditio CMS
-CVE-2007-6211 (Send Nasty ICMP Garbage (sing) on Debian GNU/Linux allows local users ...)
+CVE-2007-6211 (Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users ...)
- sing 1.1-16 (low; bug #454167)
-CVE-2007-6209 (difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
+CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
- zsh 4.3.4-dev-3-2 (low; bug #454073)
[etch] - zsh <no-dsa> (Minor issue)
[sarge] - zsh <no-dsa> (Minor issue)
@@ -461,8 +558,8 @@
RESERVED
CVE-2007-6015
RESERVED
-CVE-2007-6014
- RESERVED
+CVE-2007-6014 (SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and ...)
+ TODO: check
CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash ...)
- wordpress <unfixed> (low; bug #452251)
NOTE: if untrusted people are allowed to read the database they could still
@@ -1844,12 +1941,12 @@
NOT-FOR-US: VMware Player
CVE-2007-5616
RESERVED
-CVE-2007-5615
- RESERVED
-CVE-2007-5614
- RESERVED
-CVE-2007-5613
- RESERVED
+CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...)
+ TODO: check
+CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote ...)
+ TODO: check
+CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...)
+ TODO: check
CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
NOT-FOR-US: IBM Director
CVE-2007-5611
@@ -2785,8 +2882,8 @@
RESERVED
CVE-2007-5356
RESERVED
-CVE-2007-5355
- RESERVED
+CVE-2007-5355 (The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet ...)
+ TODO: check
CVE-2007-5354
RESERVED
CVE-2007-5353
@@ -4472,7 +4569,7 @@
NOT-FOR-US: Apple Mac OS X
CVE-2007-4687 (The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-4686 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users ...)
+CVE-2007-4686 (Integer signedness error in the ttioctl function in bsd/kern/tty.c in ...)
NOT-FOR-US: Apple Mac OS X
CVE-2007-4685 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users ...)
NOT-FOR-US: Apple Mac OS X
@@ -4745,6 +4842,7 @@
RESERVED
CVE-2007-4575
RESERVED
+ {DSA-1419-1}
- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)
- hsqldb 1.8.0.9-1
CVE-2007-4574 (Unspecified vulnerability in the "stack unwinder fixes" in kernel in ...)
@@ -8275,7 +8373,7 @@
CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG) ...)
{DSA-1363-1}
- linux-2.6 2.6.22-4
-CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat Enterprise ...)
+CVE-2007-3104 (The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat ...)
- linux-2.6 2.6.22-4 (low)
CVE-2007-3103 (The init.d script for the X.Org X11 xfs font server on various Linux ...)
{DSA-1342-1}
More information about the Secure-testing-commits
mailing list