[Secure-testing-commits] r5448 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Feb 13 08:14:16 UTC 2007
Author: joeyh
Date: 2007-02-13 09:14:13 +0100 (Tue, 13 Feb 2007)
New Revision: 5448
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-12 22:02:10 UTC (rev 5447)
+++ data/CVE/list 2007-02-13 08:14:13 UTC (rev 5448)
@@ -1,3 +1,91 @@
+CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...)
+ TODO: check
+CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2007-0893 (Directory traversal vulnerability in phpMyVisites before 2.2 allows ...)
+ TODO: check
+CVE-2007-0892 (CRLF injection vulnerability in phpMyVisites before 2.2 allows remote ...)
+ TODO: check
+CVE-2007-0891 (Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath ...)
+ TODO: check
+CVE-2007-0890 (Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in ...)
+ TODO: check
+CVE-2007-0889 (Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible ...)
+ TODO: check
+CVE-2007-0888 (Directory traversal vulnerability in the TFTP server in Kiwi CatTools ...)
+ TODO: check
+CVE-2007-0887 (axigen 1.2.6 through 2.0.0b1 does not properly parse login ...)
+ TODO: check
+CVE-2007-0886 (Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows ...)
+ TODO: check
+CVE-2007-0885 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2007-0884 (Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows ...)
+ TODO: check
+CVE-2007-0883 (Directory traversal vulnerability in ...)
+ TODO: check
+CVE-2007-0882 (The telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and ...)
+ TODO: check
+CVE-2007-0881 (PHP remote file inclusion vulnerability in the Seitenschutz plugin for ...)
+ TODO: check
+CVE-2007-0880 (Capital Request Forms stores sensitive information under the web root ...)
+ TODO: check
+CVE-2007-0879 (Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows ...)
+ TODO: check
+CVE-2007-0878 (Unspecified vulnerability in Microsoft Internet Explorer on Windows ...)
+ TODO: check
+CVE-2007-0877 (Unspecified vulnerability in March Networks DVR 3000 and 4000 Digital ...)
+ TODO: check
+CVE-2007-0876 (Cross-site scripting (XSS) vulnerability in Quick Digital Image ...)
+ TODO: check
+CVE-2007-0875 (SQL injection vulnerability in install.php in mcRefer allows remote ...)
+ TODO: check
+CVE-2007-0874 (Allons_voter 1.0 allows remote attackers to bypass authentication and ...)
+ TODO: check
+CVE-2007-0873 (nabopoll 1.1.2 allows remote attackers to bypass authentication and ...)
+ TODO: check
+CVE-2007-0872 (Directory traversal vulnerability in the Plain Old Webserver (POW) ...)
+ TODO: check
+CVE-2007-0871 (Unrestricted file upload vulnerability in eXtremePow eXtreme File ...)
+ TODO: check
+CVE-2006-7010 (The mosgetparam implementation in Joomla! before 1.0.10, does not set ...)
+ TODO: check
+CVE-2006-7009 (Joomla! before 1.0.10 allows remote attackers to spoof the frontend ...)
+ TODO: check
+CVE-2006-7008 (Unspecified vulnerability in Joomla! before 1.0.10 has unknown impact ...)
+ TODO: check
+CVE-2006-7007 (Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers ...)
+ TODO: check
+CVE-2006-7006 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-7005 (SQL injection vulnerability in item.php in PSY Auction allows remote ...)
+ TODO: check
+CVE-2006-7004 (Cross-site scripting (XSS) vulnerability in email_request.php in PSY ...)
+ TODO: check
+CVE-2006-7003 (PHP remote file inclusion vulnerability in admin/index.php in Fusion ...)
+ TODO: check
+CVE-2006-7002 (Cross-site scripting (XSS) vulnerability in add_comment.php in ...)
+ TODO: check
+CVE-2006-7001 (Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 ...)
+ TODO: check
+CVE-2006-7000 (Headstart Solutions DeskPRO allows remote attackers to obtain the full ...)
+ TODO: check
+CVE-2006-6999 (attachment.php in Headstart Solutions DeskPRO allows remote attackers ...)
+ TODO: check
+CVE-2006-6998 (install/loader_help.php in Headstart Solutions DeskPRO allows remote ...)
+ TODO: check
+CVE-2006-6997 (Unspecified vulnerability in a cryptographic feature in MailEnable ...)
+ TODO: check
+CVE-2006-6996 (Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS ...)
+ TODO: check
+CVE-2006-6995 (mycontacts.php in V3 Chat allows remote authenticated users to gain ...)
+ TODO: check
+CVE-2006-6994 (Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, ...)
+ TODO: check
+CVE-2006-6993 (Multiple SQL injection vulnerabilities in pages/addcomment2.php in ...)
+ TODO: check
+CVE-2005-4828 (Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large ...)
+ TODO: check
CVE-2007-XXXX [dokuwiki conf directory accessible by web users]
- dokuwiki 0.0.20061106-3 (bug #410557)
CVE-2007-0870 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...)
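Review bot: all of the added entries, from CVE-2007-0895 down to CVE-2005-4828, land as "TODO: check", and several (CVE-2007-0895, CVE-2007-0885, CVE-2007-0883, CVE-2006-7006) have descriptions that are cut off before any product name, so they cannot be triaged from this file alone. Each one needs either a NOT-FOR-US line or a package entry like the neighbouring entries have. The entries that name software which may be in the archive (MediaWiki, MIMEDefang, Joomla!, Kolab Server) are the ones to check first.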
@@ -238,8 +326,7 @@
RESERVED
CVE-2007-0771
RESERVED
-CVE-2007-0770 [graphicsmagick bogus second read in macro call]
- RESERVED
+CVE-2007-0770 (Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted ...)
- graphicsmagick 1.1.7-12
- imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435)
CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic ...)
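Review bot: replacing the bracketed working description on CVE-2007-0770 removes the only text in the entry that said where the bug is ("bogus second read in macro call"), and the new description is cut off after "allows user-assisted ...". Keeping the old wording in a NOTE: line under the entry would preserve it. The graphicsmagick line also carries no bug number while the imagemagick line does (bug #410435); if a graphicsmagick bug exists it should be referenced the same way.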
@@ -763,10 +850,12 @@
CVE-2007-0542 (Cross-site scripting (XSS) vulnerability in show.php in 212cafe ...)
NOT-FOR-US: 212cafe Guestbook
CVE-2007-0541 (WordPress allows remote attackers to determine the existence of ...)
+ {DTSA-33-1}
- wordpress 2.1.0-1 (low)
CVE-2007-0540 (WordPress allows remote attackers to cause a denial of service ...)
- wordpress 2.1.0-1 (low)
CVE-2007-0539 (WordPress before 2.1 allows remote attackers to cause a denial of ...)
+ {DTSA-33-1}
- wordpress 2.1.0-1 (low)
CVE-2007-0538 (Telligent Community Server 2.1 and earlier allows remote attackers to ...)
NOT-FOR-US: Telligent
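Review bot: {DTSA-33-1} is added to CVE-2007-0541 and CVE-2007-0539 but not to CVE-2007-0540, which sits between them with the identical "- wordpress 2.1.0-1 (low)" entry. If the advisory's fix also covers CVE-2007-0540, it needs the same tag; if it does not, a NOTE: line saying why would stop the gap from looking like an oversight.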
@@ -1428,6 +1517,7 @@
CVE-2007-0263 (Unspecified vulnerability in Total Commander before 6.5.6 allows ...)
NOT-FOR-US: Total Commander
CVE-2007-0262 (WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify ...)
+ {DTSA-33-1}
- wordpress <unfixed> (unimportant; bug #407289)
CVE-2007-0261 (snews.php in sNews 1.5.30 and earlier does not properly exit when ...)
NOT-FOR-US: sNews
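Review bot: the {DTSA-33-1} tag added to CVE-2007-0262 sits directly above a package line that still reads "<unfixed> (unimportant; bug #407289)". An advisory reference next to an unfixed, unimportant status reads as contradictory; a NOTE: line stating what the DTSA fixed and why the package line stays unfixed would make the entry self-explanatory.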
@@ -4628,7 +4718,7 @@
NOT-FOR-US: e107
CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...)
NOT-FOR-US: SAP Web Application Server
-CVE-2006-5784 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...)
+CVE-2006-5784 (Unspecified vulnerability in enserver.exe in SAP Web Application ...)
NOT-FOR-US: SAP Web Application Server
CVE-2006-5783 (** DISPUTED ** ...)
NOTE: irreproducible firefox issue
@@ -12355,7 +12445,7 @@
NOT-FOR-US: Microsoft
CVE-2006-2377
RESERVED
-CVE-2006-2376 (Heap-based buffer overflow in the PolyPolygon function in Graphics ...)
+CVE-2006-2376 (Integer overflow in the PolyPolygon function in Graphics Rendering ...)
NOT-FOR-US: Microsoft
CVE-2006-2375
RESERVED
@@ -39043,7 +39133,7 @@
NOT-FOR-US: microsoft
CVE-2003-0231 (Microsoft SQL Server 7, 2000, and MSDE allows local or remote ...)
NOT-FOR-US: microsoft
-CVE-2003-0230 (Microsoft SQL Server 7, 2000, and MSDE allows local users go gain ...)
+CVE-2003-0230 (Microsoft SQL Server 7, 2000, and MSDE allows local users to gain ...)
NOT-FOR-US: microsoft
CVE-2003-0229
RESERVED