[Secure-testing-commits] r5494 - data/CVE

Kees Cook keescook-guest at alioth.debian.org
Wed Feb 28 19:10:39 UTC 2007


Author: keescook-guest
Date: 2007-02-28 20:10:35 +0100 (Wed, 28 Feb 2007)
New Revision: 5494

Modified:
   data/CVE/list
Log:
NFUs, iceweasel, tor, typo3, dcc, kernel issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-28 08:14:13 UTC (rev 5493)
+++ data/CVE/list	2007-02-28 19:10:35 UTC (rev 5494)
@@ -1,403 +1,403 @@
 CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: webSPELL
 CVE-2007-1159 (Cross-site scripting (XSS) vulnerability in modules/out.php in ...)
-	TODO: check
+	NOT-FOR-US: Pyrophobia
 CVE-2007-1158 (Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 ...)
-	TODO: check
+	NOT-FOR-US: Pagesetter
 CVE-2007-1157 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: JBoss
 CVE-2007-1156 (JBrowser allows remote attackers to bypass authentication and access ...)
-	TODO: check
+	NOT-FOR-US: JBrowser
 CVE-2007-1155 (Unrestricted file upload vulnerability in webSPELL allows remote ...)
-	TODO: check
+	NOT-FOR-US: webSPELL
 CVE-2007-1154 (SQL injection vulnerability in webSPELL allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: webSPELL
 CVE-2007-1153 (Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2007-1152 (Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 ...)
-	TODO: check
+	NOT-FOR-US: Pyrophobia
 CVE-2007-1151 (Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: LoveCMS
 CVE-2007-1150 (Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: LoveCMS
 CVE-2007-1149 (Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow ...)
-	TODO: check
+	NOT-FOR-US: LoveCMS
 CVE-2007-1148 (PHP remote file inclusion vulnerability in install/index.php in ...)
-	TODO: check
+	NOT-FOR-US: LoveCMS
 CVE-2007-1147 (PHP remote file inclusion vulnerability in view.php in hbm allows ...)
-	TODO: check
+	NOT-FOR-US: hbm
 CVE-2007-1146 (PHP remote file inclusion vulnerability in function.php in arabhost ...)
-	TODO: check
+	NOT-FOR-US: arabhost
 CVE-2007-1145 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...)
-	TODO: check
+	NOT-FOR-US: Kayako SupportSuite
 CVE-2007-1144 (Directory traversal vulnerability in jwpn-photos.php in J-Web Pics ...)
-	TODO: check
+	NOT-FOR-US: J-Web Pics Navigator
 CVE-2007-1143 (Directory traversal vulnerability in pn-menu.php in J-Web Pics ...)
-	TODO: check
+	NOT-FOR-US: J-Web Pics Navigator
 CVE-2007-1142 (Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 ...)
-	TODO: check
+	NOT-FOR-US: Magic News Plus
 CVE-2007-1141 (PHP remote file inclusion vulnerability in preview.php in Magic News ...)
-	TODO: check
+	NOT-FOR-US: Magic News Plus
 CVE-2007-1140 (Directory traversal vulnerability in edit.php in pheap allows remote ...)
-	TODO: check
+	NOT-FOR-US: pheap
 CVE-2007-1139 (Unrestricted file upload vulnerability in Cromosoft Simple Plantilla ...)
-	TODO: check
+	NOT-FOR-US: Simple Plantilla PHP
 CVE-2007-1138 (Absolute path traversal vulnerability in list_main_pages.php in ...)
-	TODO: check
+	NOT-FOR-US: Simple Plantilla PHP
 CVE-2007-1137 (putmail.py in Putmail before 1.4 does not detect when a user attempts ...)
-	TODO: check
+	NOT-FOR-US: Putmail
 CVE-2007-1136 (index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: WebMplayer
 CVE-2007-1135 (Multiple SQL injection vulnerabilities in WebMplayer before ...)
-	TODO: check
+	NOT-FOR-US: WebMplayer
 CVE-2007-1134 (Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown ...)
-	TODO: check
+	NOT-FOR-US: Watchtower
 CVE-2007-1133 (PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 ...)
-	TODO: check
+	NOT-FOR-US: FCRing
 CVE-2007-1132 (Multiple cross-site scripting (XSS) vulnerabilities in MTCMS 2.2 allow ...)
-	TODO: check
+	NOT-FOR-US: MTCMS
 CVE-2007-1131 (PHP remote file inclusion vulnerability in sinapis.php in Sinapis ...)
-	TODO: check
+	NOT-FOR-US: Sinapis Forum
 CVE-2007-1130 (PHP remote file inclusion vulnerability in sinagb.php in Sinapis ...)
-	TODO: check
+	NOT-FOR-US: Sinapis Gastebuch
 CVE-2007-1129 (Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow ...)
-	TODO: check
+	NOT-FOR-US: MTCMS
 CVE-2007-1128 (shopkitplus allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: shopkitplus
 CVE-2007-1127 (Directory traversal vulnerability in enc/stylecss.php in shopkitplus ...)
-	TODO: check
+	NOT-FOR-US: shopkitplus
 CVE-2007-1126 (Directory traversal vulnerability in index.php in xtcommerce allows ...)
-	TODO: check
+	NOT-FOR-US: xtcommerce
 CVE-2007-1125 (Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer ...)
-	TODO: check
+	NOT-FOR-US: XeroXer Simple
 CVE-2007-1124 (Directory traversal vulnerability in gallery.php in XeroXer Simple ...)
-	TODO: check
+	NOT-FOR-US: XeroXer Simple
 CVE-2007-1123 (Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow ...)
-	TODO: check
+	NOT-FOR-US: ZPanel
 CVE-2007-1122 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...)
-	TODO: check
+	NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
 CVE-2007-1121 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...)
-	TODO: check
+	NOT-FOR-US: ZephyrSoft Toolbox Address Book Continued
 CVE-2007-1120 (The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions ...)
-	TODO: check
+	NOT-FOR-US: TeeChart Pro ActiveX control
 CVE-2007-1119 (Unspecified vulnerability in Novell ZENworks 7 Desktop Management ...)
-	TODO: check
+	NOT-FOR-US: Novell ZENworks
 CVE-2007-1118 (Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 ...)
-	TODO: check
+	NOT-FOR-US: eFiction
 CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...)
-	TODO: check
+	- iceweasel <unfixed> (medium)
 CVE-2007-1115 (The child frames in Opera 9 inherit the default charset from the ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2007-1114 (The child frames in Microsoft Internet Explorer 7 inherit the default ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2007-1113
 	RESERVED
 CVE-2007-1112
 	RESERVED
 CVE-2007-1111 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar ...)
-	TODO: check
+	NOT-FOR-US: ActiveCalendar
 CVE-2007-1110 (Directory traversal vulnerability in data/showcode.php in ...)
-	TODO: check
+	NOT-FOR-US: ActiveCalendar
 CVE-2007-1109 (Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery ...)
-	TODO: check
+	NOT-FOR-US: Phpwebgallery
 CVE-2007-1108 (PHP remote file inclusion vulnerability in index.php in Christian ...)
-	TODO: check
+	NOT-FOR-US: CS-Gallery
 CVE-2007-1107 (SQL injection vulnerability in thumbnails.php in Coppermine Photo ...)
-	TODO: check
+	NOT-FOR-US: Coppermine Photo Gallery
 CVE-2007-1106 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: NoMoKeTos Rules
 CVE-2007-1105 (PHP remote file inclusion vulnerability in functions.php in Extreme ...)
-	TODO: check
+	NOT-FOR-US: phpBB Extreme
 CVE-2007-1104 (PHP remote file inclusion vulnerability in top.php in PHP Module ...)
-	TODO: check
+	NOT-FOR-US: PHP Module Implementation
 CVE-2007-1103 (Tor does not verify a node's uptime and bandwidth advertisements, ...)
-	TODO: check
+	- tor <unfixed> (medium)
 CVE-2007-1102 (Photostand 1.2.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Photostand
 CVE-2007-1101 (Multiple cross-site scripting (XSS) vulnerabilities in Photostand ...)
-	TODO: check
+	NOT-FOR-US: Photostand
 CVE-2007-1100 (Directory traversal vulnerability in download.php in Pickle allows ...)
-	TODO: check
+	NOT-FOR-US: Pickle
 CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
-	TODO: check
+	NOT-FOR-US: Dropbear SSH
 CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...)
-	TODO: check
+	NOT-FOR-US: ScryMUD
 CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...)
-	TODO: check
+	NOT-FOR-US: Wiclear
 CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...)
-	TODO: check
+	NOT-FOR-US: VirtueMart
 CVE-2007-1095 (Mozilla Firefox does not properly implement JavaScript onUnload ...)
-	TODO: check
+	- iceweasel <unfixed> (medium)
 CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2007-1093 (Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager ...)
-	TODO: check
+	NOT-FOR-US: Network Node Manager
 CVE-2007-1092 (Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow ...)
-	TODO: check
+	- iceweasel 2.0.0.2+dfsg-1 (low)
 CVE-2007-1091 (Microsoft Internet Explorer 7 allows remote attackers to prevent users ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2007-1090 (Microsoft Windows Explorer on Windows XP and 2003 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2007-1089 (IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-1088 (Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-1087 (IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-1086 (Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows ...)
-	TODO: check
+	NOT-FOR-US: Google Desktop
 CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
-	TODO: check
+	- iceweasel <unfixed> (medium)
 CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...)
-	TODO: check
+	NOT-FOR-US: ConfigChk ActiveX control
 CVE-2007-1082 (FTP Explorer 1.0.1 Build 047 allows remote servers to cause a denial ...)
-	TODO: check
+	NOT-FOR-US: FTP Explorer
 CVE-2007-1081 (The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, ...)
-	TODO: check
+	- typo3 <unfixed> (low)
 CVE-2007-1080 (Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow ...)
-	TODO: check
+	NOT-FOR-US: TurboFTP
 CVE-2007-1079 (Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager ...)
-	TODO: check
+	NOT-FOR-US: FTP Voyager
 CVE-2007-1078 (PHP remote file inclusion vulnerability in index.php in ...)
-	TODO: check
+	NOT-FOR-US: FlashGameScript
 CVE-2007-1077 (SQL injection vulnerability in page.asp in Design4Online UserPages2 ...)
-	TODO: check
+	NOT-FOR-US: UserPages2
 CVE-2007-1076 (Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and ...)
-	TODO: check
+	NOT-FOR-US: phpTrafficA
 CVE-2007-1075 (TurboFTP 5.30 Build 572 allows remote servers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: TurboFTP
 CVE-2007-1074 (Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x ...)
-	TODO: check
+	NOT-FOR-US: NewsBin Pro
 CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows ...)
-	TODO: check
+	NOT-FOR-US: mcRefer
 CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified IP Phone
 CVE-2007-1071 (Integer overflow in the gifGetBandProc function in ImageIO in Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple ImageIO
 CVE-2007-1069
 	RESERVED
 CVE-2007-1068 (The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Secure Services Client
 CVE-2007-1067 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Secure Services Client
 CVE-2007-1066 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Secure Services Client
 CVE-2007-1065 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Secure Services Client
 CVE-2007-1064 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Secure Services Client
 CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified IP Phone
 CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and ...)
-	TODO: check
+	NOT-FOR-US: Cisco Unified IP Conference Station
 CVE-2007-1061 (SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke ...)
-	TODO: check
+	NOT-FOR-US: PHP-Nuke
 CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire ...)
-	TODO: check
+	NOT-FOR-US: SendStudio
 CVE-2007-1059 (PHP remote file inclusion vulnerability in function.php in Ultimate ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Fun Book
 CVE-2007-1058 (SQL injection vulnerability in user_pages/page.asp in Online Web ...)
-	TODO: check
+	NOT-FOR-US: Online Web Building
 CVE-2007-1057 (The Net Direct client for Linux before 6.0.5 in Nortel Application ...)
-	TODO: check
+	NOT-FOR-US: Nortel Application Switch
 CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
 	TODO: check
 CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...)
 	TODO: check
 CVE-2007-1053 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: phpXmms
 CVE-2007-1052 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: PBLang
 CVE-2007-1051 (Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and ...)
-	TODO: check
+	NOT-FOR-US: Comodo Firewall Pro
 CVE-2007-1050 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: MyCalendar
 CVE-2007-1048 (PHP remote file inclusion vulnerability in admin_rebuild_search.php in ...)
-	TODO: check
+	NOT-FOR-US: phpbb_wordsearch
 CVE-2007-1047 (Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) ...)
-	TODO: check
+	- dcc <unfixed> (medium)
 CVE-2007-1046 (Dem_trac allows remote attackers to read log file contents via a ...)
-	TODO: check
+	NOT-FOR-US: Dem_trac
 CVE-2007-1045 (mAlbum 0.3 has default accunts (1) &quot;login&quot;/&quot;pass&quot; for its ...)
-	TODO: check
+	NOT-FOR-US: mAlbum
 CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list ...)
-	TODO: check
+	NOT-FOR-US: PowerSchool
 CVE-2007-1043 (Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Ezboo
 CVE-2007-1042 (Directory traversal vulnerability in news.php in Xpression News ...)
-	TODO: check
+	NOT-FOR-US: Xpression News
 CVE-2007-1041 (Multiple stack-based buffer overflows in S&amp;H Computer Systems News ...)
-	TODO: check
+	NOT-FOR-US: News Rover
 CVE-2007-1040 (Directory traversal vulnerability in archives.php in Xpression News ...)
-	TODO: check
+	NOT-FOR-US: Xpression News
 CVE-2007-1039 (Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Peanut Knowledge Base
 CVE-2007-1038 (Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Grabit
 CVE-2007-1037 (Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier ...)
-	TODO: check
+	NOT-FOR-US: News File Grabber
 CVE-2006-7093 (Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 ...)
-	TODO: check
+	NOT-FOR-US: Mambo LaiThai
 CVE-2006-7092 (SQL injection vulnerability in includes/mambo.php in Mambo LaiThai ...)
-	TODO: check
+	NOT-FOR-US: Mambo LaiThai
 CVE-2006-7091 (PHP remote file inclusion vulnerability in config.php in phpht ...)
-	TODO: check
+	NOT-FOR-US: Topsites FREE
 CVE-2006-7090 (PHP remote file inclusion vulnerability in phpbb_security.php in phpBB ...)
-	TODO: check
+	NOT-FOR-US: phpBB Security
 CVE-2006-7089 (SQL injection vulnerability in connexion.php in Ban 0.1 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Ban
 CVE-2006-7088 (Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 ...)
-	TODO: check
+	NOT-FOR-US: Simple PHP Forum
 CVE-2006-7087 (CRLF injection vulnerability in the mail function in Dotdeb PHP before ...)
-	TODO: check
+	NOT-FOR-US: Dotdeb PHP
 CVE-2006-7086 (The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow ...)
-	TODO: check
+	NOT-FOR-US: Hot Links
 CVE-2006-7085 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Rigter Portal System
 CVE-2006-7084 (Directory traversal vulnerability in index.php in Rigter Portal System ...)
-	TODO: check
+	NOT-FOR-US: Rigter Portal System
 CVE-2006-7083 (Directory traversal vulnerability in index.php in Rigter Portal System ...)
-	TODO: check
+	NOT-FOR-US: Rigter Portal System
 CVE-2006-7082 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Rigter Portal System
 CVE-2006-7081 (Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 ...)
-	TODO: check
+	NOT-FOR-US: PhpNews
 CVE-2006-7080 (Directory traversal vulnerability in the avatar upload feature in exV2 ...)
-	TODO: check
+	NOT-FOR-US: exV2
 CVE-2006-7079 (Variable extraction vulnerability in include/common.php in exV2 ...)
-	TODO: check
+	NOT-FOR-US: exV2
 CVE-2006-7078 (Multiple cross-site scripting (XSS) vulnerabilities in Professional ...)
-	TODO: check
+	NOT-FOR-US: Professional Home Page Tools Login Script
 CVE-2006-7077 (SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 ...)
-	TODO: check
+	NOT-FOR-US: Advanced Guestbook
 CVE-2006-7076 (Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced ...)
-	TODO: check
+	NOT-FOR-US: Advanced Guestbook
 CVE-2006-7075 (Buffer overflow in the meta_read_flac function in meta_decoder.c for ...)
-	TODO: check
+	- aqualung 0.9~beta6-1 (medium)
 CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: SmartSiteCMS
 CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod ...)
 	TODO: check
 CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...)
-	TODO: check
+	NOT-FOR-US: GeoClassifieds Enterprise
 CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Board
 CVE-2006-7070 (Unrestricted file upload vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Etomite CMS
 CVE-2006-7069 (PHP remote file inclusion vulnerability in smarty_config.php in ...)
-	TODO: check
+	NOT-FOR-US: Socketwiz Bookmarks
 CVE-2006-7068 (PHP remote file inclusion vulnerability in CliServ Web Community 0.65 ...)
-	TODO: check
+	NOT-FOR-US: CliServ Web Community
 CVE-2006-7067 (Oracle 10g R2 and possibly other versions allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2006-7066 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2006-7065 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2006-7064 (Cross-site scripting (XSS) vulnerability in forum/admin.php for ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Board
 CVE-2006-7063 (Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 ...)
-	TODO: check
+	NOT-FOR-US: TinyPHPforum
 CVE-2006-7062 (calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: Kamgaing Email System
 CVE-2006-7061 (Scriptsez.net E-Dating System stores data files with predictable names ...)
-	TODO: check
+	NOT-FOR-US: E-Dating System
 CVE-2006-7060 (cindex.php in Scriptsez.net E-Dating System allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: E-Dating System
 CVE-2006-7059 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net ...)
-	TODO: check
+	NOT-FOR-US: E-Dating System
 CVE-2006-7058 (Multiple cross-site scripting (XSS) vulnerabilities in Sphider before ...)
-	TODO: check
+	NOT-FOR-US: Sphider
 CVE-2006-7057 (SQL injection vulnerability in search.php in Sphider before 1.3.1c ...)
-	TODO: check
+	NOT-FOR-US: Sphider
 CVE-2006-7056 (Multiple PHP remote file inclusion vulnerabilities in DreamCost ...)
-	TODO: check
+	NOT-FOR-US: HostAdmin
 CVE-2006-7055 (PHP remote file inclusion vulnerability in index.php in TotalCalendar ...)
-	TODO: check
+	NOT-FOR-US: TotalCalendar
 CVE-2006-7054 (The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 ...)
-	TODO: check
+	NOT-FOR-US: FAST360 UTM
 CVE-2006-7053 (Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through ...)
-	TODO: check
+	NOT-FOR-US: FAST360 UTM
 CVE-2006-7052 (Multiple PHP remote file inclusion vulnerabilities in DotWidget For ...)
-	TODO: check
+	NOT-FOR-US: DotWidget
 CVE-2006-7051 (The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x ...)
-	TODO: check
+	- linux-2.6 <unfixed> (medium)
 CVE-2006-7050 (Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) ...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2006-7049 (The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the ...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2006-7048 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...)
-	TODO: check
+	NOT-FOR-US: Claroline
 CVE-2006-7047 (include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ...)
-	TODO: check
+	NOT-FOR-US: Shoutpro
 CVE-2006-7046 (PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php ...)
-	TODO: check
+	NOT-FOR-US: Clan Manager Pro
 CVE-2006-7045 (PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) ...)
-	TODO: check
+	NOT-FOR-US: Clan Manager Pro
 CVE-2006-7044 (PHP remote file inclusion vulnerability in comment.core.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: Clan Manager Pro
 CVE-2006-7043 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk ...)
-	TODO: check
+	NOT-FOR-US: Chipmunk
 CVE-2006-7042 (Cross-site scripting (XSS) vulnerability in directory/index.php in ...)
-	TODO: check
+	NOT-FOR-US: Chipmunk
 CVE-2006-7041 (The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows ...)
-	TODO: check
+	NOT-FOR-US: MERCUR Messaging
 CVE-2006-7040 (Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack ...)
-	TODO: check
+	NOT-FOR-US: MERCUR Messaging
 CVE-2006-7039 (The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 ...)
-	TODO: check
+	NOT-FOR-US: MERCUR Messaging
 CVE-2006-7038 (Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack ...)
-	TODO: check
+	NOT-FOR-US: MERCUR Messaging
 CVE-2006-7037 (Mathcad 12 through 13.1 allows local users to bypass the security ...)
-	TODO: check
+	NOT-FOR-US: MathCAD
 CVE-2006-7036 (PHP remote file inclusion vulnerability in register.php for Andys Chat ...)
-	TODO: check
+	NOT-FOR-US: Andy's Chat
 CVE-2006-7035 (Directory traversal vulnerability in make_thumbnail.php in Super Link ...)
-	TODO: check
+	NOT-FOR-US: Super Link Exchange Script
 CVE-2006-7034 (SQL injection vulnerability in directory.php in Super Link Exchange ...)
-	TODO: check
+	NOT-FOR-US: Super Link Exchange Script
 CVE-2006-7033 (Cross-site scripting (XSS) vulnerability in Super Link Exchange Script ...)
-	TODO: check
+	NOT-FOR-US: Super Link Exchange Script
 CVE-2006-7032 (PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB ...)
-	TODO: check
+	NOT-FOR-US: FlashBB
 CVE-2006-7031 (Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2006-7030 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2006-7029 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IE
 CVE-2006-7028 (Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2006-7027 (Microsoft Internet Security and Acceleration (ISA) Server 2004 logs ...)
-	TODO: check
+	NOT-FOR-US: Microsoft ISA
 CVE-2006-7026 (PHP remote file inclusion vulnerability in sources/join.php in ...)
-	TODO: check
+	NOT-FOR-US: Topsites PHP
 CVE-2006-7025 (SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and ...)
-	TODO: check
+	NOT-FOR-US: Bookmark4U
 CVE-2005-4829 (VirtueMart before 1.0.1 does not properly handle errors when a user is ...)
-	TODO: check
+	NOT-FOR-US: VirtueMart
 CVE-2004-2679 (Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: CheckPoint Firewall
 CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and ...)
-	TODO: check
+	NOT-FOR-US: HP Tru64 UNIX
 CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP ...)
 	TODO: check
 CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: SonicWALL
 CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: SafeNet VPN
 CVE-2002-2224 (Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 ...)
-	TODO: check
+	NOT-FOR-US: PGPFreeware
 CVE-2002-2223 (Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to ...)
 	TODO: check
 CVE-2002-2222 (isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2007-XXXX [apache does not use setsid() to detach from controlling tty ]
 	- apache <unfixed> (bug #357561)
 CVE-2007-XXXX [vserver patch allows renice of processes in different context]
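Review bot: The CVE-2002-2222 entry is marked "NOT-FOR-US: FreeBSD", but its description names isakmpd/message.c in isakmpd and is cut off at "and ...", so the tag names one platform rather than the affected software. Suggest confirming whether isakmpd is packaged before marking it NFU and, if it stays NFU, labelling it by the component. The same check is worth doing for CVE-2007-1099 (dbclient in the Dropbear SSH client). Separately, the new "<unfixed>" entries for iceweasel, tor, typo3, dcc and linux-2.6 carry no bug reference, unlike the existing "- apache <unfixed> (bug #357561)" line; adding one once a bug is filed would make them easier to follow up.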
@@ -970,7 +970,7 @@
 CVE-2007-0845 (admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote ...)
 	NOT-FOR-US: Advanced Poll
 CVE-2007-0843 (The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2007-0842 (The 64-bit versions of Microsoft Visual C++ 8.0 standard library ...)
 	NOT-FOR-US: Microsoft
 CVE-2007-0841 (Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have ...)
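Review bot: The label added for CVE-2007-0843, "NOT-FOR-US: Microsoft Windows", differs in form from the neighbouring CVE-2007-0842 entry, which uses "NOT-FOR-US: Microsoft". Settling on one form for Microsoft products would keep searches over the list consistent.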
@@ -2222,9 +2222,9 @@
 CVE-2007-0322
 	RESERVED
 CVE-2007-0321 (Buffer overflow in the Update Service Agent ActiveX Control in ...)
-	TODO: check
+	NOT-FOR-US: FLEXnet Connect
 CVE-2007-0320 (Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) ...)
-	TODO: check
+	NOT-FOR-US: InstallFromTheWeb
 CVE-2007-0319
 	RESERVED
 CVE-2007-0318 (The do_hfs_truncate function in Mac OS X 10.4.8 allows ...)
@@ -3589,7 +3589,7 @@
 CVE-2007-0002
 	RESERVED
 CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-6659 (The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-6658 (Inktomi Search 4.1.4 allows remote attackers to obtain sensitive ...)
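Review bot: The new CVE-2007-0001 line, "- linux-2.6 <unfixed>", has no severity, while the other kernel entry in this commit (CVE-2006-7051) is written "- linux-2.6 <unfixed> (medium)". Suggest adding a severity here as well, or noting why it is left unrated.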



