[Secure-testing-commits] r5208 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Jan 4 21:14:24 CET 2007


Author: joeyh
Date: 2007-01-04 21:14:20 +0100 (Thu, 04 Jan 2007)
New Revision: 5208

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-03 17:40:30 UTC (rev 5207)
+++ data/CVE/list	2007-01-04 20:14:20 UTC (rev 5208)
@@ -1,3 +1,117 @@
+CVE-2007-0050 (** DISPUTED ** ...)
+	TODO: check
+CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to ...)
+	TODO: check
+CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, when used with Internet ...)
+	TODO: check
+CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before ...)
+	TODO: check
+CVE-2007-0046 (Double free vulnerability in the Adobe Acrobat Reader Plugin before ...)
+	TODO: check
+CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat ...)
+	TODO: check
+CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet ...)
+	TODO: check
+CVE-2007-0043
+	RESERVED
+CVE-2007-0042
+	RESERVED
+CVE-2007-0041
+	RESERVED
+CVE-2007-0040
+	RESERVED
+CVE-2007-0039
+	RESERVED
+CVE-2007-0038
+	RESERVED
+CVE-2007-0037
+	RESERVED
+CVE-2007-0036
+	RESERVED
+CVE-2007-0035
+	RESERVED
+CVE-2007-0034
+	RESERVED
+CVE-2007-0033
+	RESERVED
+CVE-2007-0032
+	RESERVED
+CVE-2007-0031
+	RESERVED
+CVE-2007-0030
+	RESERVED
+CVE-2007-0029
+	RESERVED
+CVE-2007-0028
+	RESERVED
+CVE-2007-0027
+	RESERVED
+CVE-2007-0026
+	RESERVED
+CVE-2007-0025
+	RESERVED
+CVE-2007-0024
+	RESERVED
+CVE-2007-0023
+	RESERVED
+CVE-2007-0022
+	RESERVED
+CVE-2007-0021
+	RESERVED
+CVE-2007-0020
+	RESERVED
+CVE-2007-0019
+	RESERVED
+CVE-2007-0018
+	RESERVED
+CVE-2007-0017 (Format string vulnerability in VideoLAN VLC 0.8.6 allows user-assisted ...)
+	TODO: check
+CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...)
+	TODO: check
+CVE-2006-6858 (Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo ...)
+	TODO: check
+CVE-2006-6857 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-6856 (Direct static code injection vulnerability in WebText CMS 0.4.5.2 and ...)
+	TODO: check
+CVE-2006-6855 (AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to ...)
+	TODO: check
+CVE-2006-6854 (The qcamvc_video_init function in qcamvc.c in De Marchi Daniele ...)
+	TODO: check
+CVE-2006-6853 (Buffer overflow in Durian Web Application Server 3.02 freeware on ...)
+	TODO: check
+CVE-2006-6852 (Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 ...)
+	TODO: check
+CVE-2006-6851 (Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php ...)
+	TODO: check
+CVE-2006-6850 (PHP remote file inclusion vulnerability in include.php in the Roster ...)
+	TODO: check
+CVE-2006-6849 (administration/index.php in Cahier de texte (CDT) 2.2 does not ...)
+	TODO: check
+CVE-2006-6848 (SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows ...)
+	TODO: check
+CVE-2006-6847 (An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 ...)
+	TODO: check
+CVE-2006-6846 (Multiple SQL injection vulnerabilities in WYWO - InOut Board 1.0 allow ...)
+	TODO: check
+CVE-2006-6845 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made ...)
+	TODO: check
+CVE-2006-6844 (Cross-site scripting (XSS) vulnerability in the optional user comment ...)
+	TODO: check
+CVE-2006-6843 (PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 ...)
+	TODO: check
+CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...)
+	TODO: check
+CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has ...)
+	TODO: check
+CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+	TODO: check
+CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...)
+	TODO: check
+CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...)
+	TODO: check
+CVE-2006-6837 (Multiple stack-based buffer overflows in the (1) LoadTree, (2) ...)
+	TODO: check
 CVE-2007-XXXX [webcam-server unspecified vulnerability]
 	- webcam-server 0.50-2
 CVE-2007-XXXX [libsoup parse_headers_DoS]
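Review bot: The new block is inserted directly above the two `CVE-2007-XXXX` placeholders (webcam-server, libsoup parse_headers_DoS), and nothing here reconciles them with the freshly assigned IDs. Before the `TODO: check` entries are triaged, compare the full descriptions of the new CVE-2007-00xx entries against those placeholders. If one of them now has a real ID, the placeholder should be renamed rather than leaving two entries for the same issue. Also note that CVE-2007-0050 arrives with only "** DISPUTED ** ..." as its summary, so it cannot be classified from this line alone.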
@@ -118,7 +232,7 @@
 	TODO: check
 CVE-2006-6784 (SQL injection vulnerability in Netbula Anyboard allows remote ...)
 	TODO: check
-CVE-2006-6783 (Unrestricted file upload vulnerability in logahead UNU 1.0 allows ...)
+CVE-2006-6783 (logahead UNU 1.0 before 20061226 allows remote attackers to upload ...)
 	TODO: check
 CVE-2006-6782 (Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and ...)
 	TODO: check
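Review bot: On CVE-2006-6783 only the description text changed. The new wording adds a version bound ("before 20061226"), but the entry is still `TODO: check`. Whoever resolves it should work from the revised summary, since the older "Unrestricted file upload" wording carried no fixed-version information.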
@@ -887,8 +1001,8 @@
 	RESERVED
 CVE-2006-6489
 	RESERVED
-CVE-2006-6488
-	RESERVED
+CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...)
+	TODO: check
 CVE-2006-6487
 	RESERVED
 CVE-2006-6486 (SQL injection vulnerability in EasyPage allows remote attackers to ...)
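Review bot: CVE-2006-6488 moves from RESERVED to `TODO: check`, but the summary is cut off at "Dialog Wrapper ..." before any product name appears. The entry cannot be resolved from the list alone, so the full CVE description has to be consulted before a package line or NOT-FOR-US is written.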
@@ -2202,8 +2316,8 @@
 CVE-2006-5871 (smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before ...)
 	{DSA-1237 DSA-1233}
 	- linux-2.6 <not-affected> (Current Linux versions already implement intended behaviour)
-CVE-2006-5870
-	RESERVED
+CVE-2006-5870 (Multiple integer overflows in OpenOffice.org 2.0.4 and earlier, and ...)
+	TODO: check
 CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ...)
 	{DSA-1220}
 	- pstotext 1.9-4 (bug #356988; medium)
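Review bot: CVE-2006-5870 names OpenOffice.org 2.0.4 and earlier and sits between entries that already carry DSA references and package lines (for example `- pstotext 1.9-4 (bug #356988; medium)`). Leaving it at `TODO: check` hides it among the bulk of unknown-vendor entries. It would be better followed up promptly with a package line in the same form, including the fixed version and a bug reference once known.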
@@ -2459,8 +2573,8 @@
 	- linux-2.6 2.6.18-8 (medium)
 CVE-2006-5750 (Directory traversal vulnerability in the DeploymentFileRepository ...)
 	NOT-FOR-US: JBoss
-CVE-2006-5749
-	RESERVED
+CVE-2006-5749 (The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c ...)
+	TODO: check
 CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
 	{DSA-1227-1 DSA-1225-1 DSA-1224-1}
 	NOTE: MFSA-2006-65
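Review bot: CVE-2006-5749 points at `drivers/isdn/isdn_ppp.c`, a kernel source path, and the preceding entry in this hunk is already tracked as `- linux-2.6 2.6.18-8 (medium)`. This entry should get a linux-2.6 line in the same style, either a fixed version or `<not-affected>` with a reason as used for CVE-2006-5871, rather than remaining a generic `TODO: check`.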
@@ -5016,22 +5130,22 @@
 	NOT-FOR-US: Tr Forum
 CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...)
 	NOT-FOR-US: FlashChat
-CVE-2006-4582
-	RESERVED
-CVE-2006-4581
-	RESERVED
-CVE-2006-4580
-	RESERVED
-CVE-2006-4579
-	RESERVED
-CVE-2006-4578
-	RESERVED
-CVE-2006-4577
-	RESERVED
-CVE-2006-4576
-	RESERVED
-CVE-2006-4575
-	RESERVED
+CVE-2006-4582 (Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e ...)
+	TODO: check
+CVE-2006-4581 (Unrestricted file upload vulnerability in The Address Book 1.04e validates ...)
+	TODO: check
+CVE-2006-4580 (register.php in The Address Book 1.04e allows remote attackers to ...)
+	TODO: check
+CVE-2006-4579 (Directory traversal vulnerability in users.php in The Address Book ...)
+	TODO: check
+CVE-2006-4578 (export.php in The Address Book 1.04e writes username and password hash ...)
+	TODO: check
+CVE-2006-4577 (Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e ...)
+	TODO: check
+CVE-2006-4576 (Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows ...)
+	TODO: check
+CVE-2006-4575 (Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote ...)
+	TODO: check
 CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark ...)
 	- wireshark 0.99.4-1 (bug #396258; medium)
 CVE-2006-4573 (Multiple unspecified vulnerabilities in the &quot;utf8 combining characters ...)
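Review bot: All eight entries from CVE-2006-4582 down to CVE-2006-4575 describe the same product, The Address Book 1.04e, yet each is left as a separate `TODO: check`. A single decision covers the whole run, so they should be resolved together and marked identically, in the same way the neighbouring entries are closed with `NOT-FOR-US: Tr Forum` and `NOT-FOR-US: FlashChat` if the product is not packaged.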



