[Secure-testing-commits] r7619 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Fri Dec 14 21:14:11 UTC 2007


Author: joeyh
Date: 2007-12-14 21:14:10 +0000 (Fri, 14 Dec 2007)
New Revision: 7619

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-14 20:50:12 UTC (rev 7618)
+++ data/CVE/list	2007-12-14 21:14:10 UTC (rev 7619)
@@ -1,3 +1,85 @@
+CVE-2008-0025
+	RESERVED
+CVE-2008-0024
+	RESERVED
+CVE-2008-0023
+	RESERVED
+CVE-2008-0022
+	RESERVED
+CVE-2008-0021
+	RESERVED
+CVE-2008-0020
+	RESERVED
+CVE-2008-0019
+	RESERVED
+CVE-2008-0018
+	RESERVED
+CVE-2008-0017
+	RESERVED
+CVE-2008-0016
+	RESERVED
+CVE-2008-0015
+	RESERVED
+CVE-2008-0014
+	RESERVED
+CVE-2008-0013
+	RESERVED
+CVE-2008-0012
+	RESERVED
+CVE-2008-0011
+	RESERVED
+CVE-2007-6347 (PHP remote file inclusion vulnerability in blocks/block_site_map.php ...)
+	TODO: check
+CVE-2007-6346 (Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 ...)
+	TODO: check
+CVE-2007-6345 (SQL injection vulnerability in aurora framework before 20071208 allows ...)
+	TODO: check
+CVE-2007-6344 (Directory traversal vulnerability in modules/cms/index.php in Mcms ...)
+	TODO: check
+CVE-2007-6343 (Cross-site scripting (XSS) vulnerability in HP OpenView Network Node ...)
+	TODO: check
+CVE-2007-6342 (SQL injection vulnerability in the David Castro AuthCAS module ...)
+	TODO: check
+CVE-2007-6341
+	RESERVED
+CVE-2007-6340
+	RESERVED
+CVE-2007-6339
+	RESERVED
+CVE-2007-6338
+	RESERVED
+CVE-2007-6337
+	RESERVED
+CVE-2007-6336
+	RESERVED
+CVE-2007-6335
+	RESERVED
+CVE-2007-6334
+	RESERVED
+CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
+	TODO: check
+CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...)
+	TODO: check
+CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ...)
+	TODO: check
+CVE-2007-6330 (Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames ...)
+	TODO: check
+CVE-2007-6329 (Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not ...)
+	TODO: check
+CVE-2007-6328 (** DISPUTED ** ...)
+	TODO: check
+CVE-2007-6327 (Buffer overflow in a certain ActiveX control in Online Media ...)
+	TODO: check
+CVE-2007-6326 (Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote ...)
+	TODO: check
+CVE-2007-6325 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2007-6324 (PHP remote file inclusion vulnerability in head.php in CityWriter ...)
+	TODO: check
+CVE-2007-6323 (Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 ...)
+	TODO: check
+CVE-2007-6322 (Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 ...)
+	TODO: check
 CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does ...)
 	NOT-FOR-US: Feature (third party drupal module)
 CVE-2007-6319
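Review bot: every described entry added here, from CVE-2007-6347 down to CVE-2007-6322, lands as "TODO: check", including ones whose description already names the vendor. CVE-2007-6329 (Microsoft Office 2007) could take the same "NOT-FOR-US: Microsoft" tag that CVE-2005-1683 carries further down, rather than waiting for a manual pass. CVE-2007-6328 and CVE-2007-6325 are truncated before any product name appears, so those two cannot be triaged from this file alone and need the full description looked up.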
@@ -254,8 +336,8 @@
 CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar ...)
 	- serendipity 1.2.1-1 (low)
 	[etch] - serendipity <no-dsa> (Can only be exploited in rare conditions)
-CVE-2007-6204
-	RESERVED
+CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node ...)
+	TODO: check
 CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...)
 	- apache2 2.2.6-3 (low)
 	[sarge] - apache2 <no-dsa> (minor issue)
@@ -558,7 +640,7 @@
 	[etch] - audacity <no-dsa> (Minor issue)
 CVE-2007-6060 (AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a ...)
 	NOT-FOR-US: AhnLab Antivirus 3 Internet Security 2008 Platinum
-CVE-2007-6059 (Javamail does not properly handle a series of invalid login attempts ...)
+CVE-2007-6059 (** DISPUTED ** ...)
 	NOT-FOR-US: Javamail
 CVE-2007-6058 (Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 ...)
 	NOT-FOR-US: ProfileCMS
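Review bot: the replacement description for CVE-2007-6059 is cut down to "** DISPUTED ** ...", which drops the summary the removed line carried ("Javamail does not properly handle a series of invalid login attempts ..."). The same loss occurs for CVE-2005-1754, CVE-2005-1753 and CVE-2005-1682 in later hunks, and the new CVE-2007-6328 arrives with no readable description at all. Suggest the update truncate after the "** DISPUTED **" marker, so that both the marker and the start of the summary survive.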
@@ -699,9 +781,9 @@
 	RESERVED
 CVE-2007-6016
 	RESERVED
-CVE-2007-6015
-	RESERVED
+CVE-2007-6015 (Stack-based buffer overflow in the send_mailslot function in nmbd in ...)
 	{DSA-1427-1}
+	TODO: check
 CVE-2007-6014 (SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and ...)
 	NOT-FOR-US: Beehive Forum
 CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash ...)
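Review bot: "TODO: check" is appended to CVE-2007-6015 after the existing "{DSA-1427-1}" line, so an entry that already has an advisory attached is now flagged as untriaged. CVE-2007-5000 in a later hunk gets its description filled in without a TODO because it already has package lines; the DSA cross-reference should be treated the same way, or the entry should gain its package line and lose the TODO in the same change.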
@@ -778,8 +860,8 @@
 	NOT-FOR-US: Symantec Web Security
 CVE-2004-2754 (SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and ...)
 	NOT-FOR-US: YaBB
-CVE-2007-5989
-	RESERVED
+CVE-2007-5989 (Unspecified vulnerability in the skype4com URI handler in Skype before ...)
+	TODO: check
 CVE-2007-5988 (blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user ...)
 	NOT-FOR-US: BtiTracker
 CVE-2007-5987 (details.php in BtiTracker before 1.4.5, when torrent viewing is ...)
@@ -835,8 +917,8 @@
 	RESERVED
 CVE-2007-5965
 	RESERVED
-CVE-2007-5964
-	RESERVED
+CVE-2007-5964 (The default configuration of autofs 5 in Red Hat Enterprise Linux ...)
+	TODO: check
 CVE-2007-5963 [kdm local resouce consumption "DoS"]
 	RESERVED
 	- kdebase <unfixed> (unimportant)
@@ -4023,8 +4105,7 @@
 	RESERVED
 CVE-2007-5001
 	RESERVED
-CVE-2007-5000 [Apache mod_imap/mod_imagemap XSS]
-	RESERVED
+CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in ...)
 	[sarge] - apache2 <no-dsa> (minor issue)
 	[sarge] - apache <no-dsa> (minor issue)
 	[etch] - apache2 <no-dsa> (minor issue)
@@ -26479,10 +26560,10 @@
 	REJECTED
 CVE-2005-1755 (PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll ...)
 	NOT-FOR-US: PHP Poll Creator
-CVE-2005-1754 (JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, ...)
+CVE-2005-1754 (** DISPUTED ** ...)
 	NOT-FOR-US: JavaMail API
 	NOTE: vulnerable file not in Debian
-CVE-2005-1753 (ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache ...)
+CVE-2005-1753 (** DISPUTED ** ...)
 	NOT-FOR-US: JavaMail API
 	NOTE: vulnerable file not in Debian
 CVE-2005-1752 (viewFile.php in the scm component of Gforge before 4.0 allows remote ...)
@@ -42447,7 +42528,7 @@
 	NOT-FOR-US: episodex
 CVE-2005-1683 (Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft ...)
 	NOT-FOR-US: Microsoft
-CVE-2005-1682 (JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does ...)
+CVE-2005-1682 (** DISPUTED ** ...)
 	NOT-FOR-US: Solstice Internet Mail Server
 CVE-2005-1681 (PHP remote file inclusion vulnerability in common.php in phpATM 1.21, ...)
 	NOT-FOR-US: phpATM



