[Secure-testing-commits] r5241 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Jan 11 21:14:25 CET 2007
Author: joeyh
Date: 2007-01-11 21:14:22 +0100 (Thu, 11 Jan 2007)
New Revision: 5241
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-11 19:12:49 UTC (rev 5240)
+++ data/CVE/list 2007-01-11 20:14:22 UTC (rev 5241)
@@ -1,78 +1,78 @@
-CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- - phpmyadmin <unfixed> (bug #406486; high)
-CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 ...)
- - phpmyadmin <unfixed> (bug #406332; high)
-CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 ...)
- NOT-FOR-US: @lex
-CVE-2007-0201 (Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet ...)
- NOT-FOR-US: TIS
-CVE-2007-0200 (PHP remote file inclusion vulnerability in template.php in Geoffrey ...)
- NOT-FOR-US: Geoffrey Golliher Axiom Photo/News Gallery
-CVE-2007-0199 (The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 ...)
- NOT-FOR-US: Cisco
-CVE-2007-0198 (The JTapi Gateway process in Cisco Unified Contact Center Enterprise ...)
- NOT-FOR-US: Cisco
-CVE-2007-0197 (Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted ...)
- NOT-FOR-US: Apple Mac OS
-CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in Motionborg Web ...)
- NOT-FOR-US: Motionborg Web Real Estate
+CVE-2007-0204
+ - phpmyadmin <unfixed> (bug #406486; high)
+CVE-2007-0203
+ - phpmyadmin <unfixed> (bug #406332; high)
+CVE-2007-0202
+ NOT-FOR-US: @lex
+CVE-2007-0201
+ NOT-FOR-US: TIS
+CVE-2007-0200
+ NOT-FOR-US: Geoffrey Golliher Axiom Photo/News Gallery
+CVE-2007-0199
+ NOT-FOR-US: Cisco
+CVE-2007-0198
+ NOT-FOR-US: Cisco
+CVE-2007-0197
+ NOT-FOR-US: Apple Mac OS
+CVE-2007-0196
+ NOT-FOR-US: Motionborg Web Real Estate
CVE-2007-0195
- RESERVED
+ TODO: check
CVE-2007-0194
- RESERVED
+ TODO: check
CVE-2007-0193
- RESERVED
+ TODO: check
CVE-2007-0192
- RESERVED
+ TODO: check
CVE-2007-0191
- RESERVED
+ TODO: check
CVE-2007-0190
- RESERVED
+ TODO: check
CVE-2007-0189
- RESERVED
+ TODO: check
CVE-2007-0188
- RESERVED
+ TODO: check
CVE-2007-0187
- RESERVED
+ TODO: check
CVE-2007-0186
- RESERVED
+ TODO: check
CVE-2007-0185
- RESERVED
+ TODO: check
CVE-2007-0184
- RESERVED
+ TODO: check
CVE-2007-0183
- RESERVED
+ TODO: check
CVE-2007-0182
- RESERVED
-CVE-2007-0181 (PHP remote vulnerability in include/common_function.php in magic photo ...)
- NOT-FOR-US: Magic Photo Storage website
-CVE-2007-0180 (Stack-based buffer overflow in EF Commander 5.75 allows user-assisted ...)
- NOT-FOR-US: EF Commander
-CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows ...)
- NOT-FOR-US: PHPKIT
-CVE-2007-0178 (PHP remote file inclusion vulnerability in info.php in Easy Banner Pro ...)
- NOT-FOR-US: Easy Banner Pro
-CVE-2007-0177 (Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki ...)
- - mediawiki <unfixed> (bug #406238; medium)
- NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
-CVE-2007-0176 (Cross-site scripting (XSS) vulnerability in search/advanced_search.php in Gforge ...)
- TODO: check
-CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution ...)
- - b2evolution <not-affected>
-CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
- NOT-FOR-US: Sina UC2006
-CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)
- NOT-FOR-US: L2J Statistik Script
-CVE-2007-0172 (Multiple PHP remote file inclusion vulnerabilities in AllMyGuests ...)
- NOT-FOR-US: AllMyGuest
-CVE-2007-0171 (PHP remote file inclusion vulnerability in index.php in AllMyLinks ...)
- NOT-FOR-US: AllMyLinks
-CVE-2007-0170 (PHP remote file inclusion vulnerability in index.php in AllMyVisitors ...)
- NOT-FOR-US: AllmyVisitors
+ TODO: check
+CVE-2007-0181
+ NOT-FOR-US: Magic Photo Storage website
+CVE-2007-0180
+ NOT-FOR-US: EF Commander
+CVE-2007-0179
+ NOT-FOR-US: PHPKIT
+CVE-2007-0178
+ NOT-FOR-US: Easy Banner Pro
+CVE-2007-0177
+ - mediawiki <unfixed> (bug #406238; medium)
+ NOTE: vendor advisory: http://sourceforge.net/forum/forum.php?forum_id=652721
+CVE-2007-0176
+ TODO: check
+CVE-2007-0175
+ - b2evolution <not-affected>
+CVE-2007-0174
+ NOT-FOR-US: Sina UC2006
+CVE-2007-0173
+ NOT-FOR-US: L2J Statistik Script
+CVE-2007-0172
+ NOT-FOR-US: AllMyGuest
+CVE-2007-0171
+ NOT-FOR-US: AllMyLinks
+CVE-2007-0170
+ NOT-FOR-US: AllmyVisitors
CVE-2007-0169
- RESERVED
+ TODO: check
CVE-2007-0168
- RESERVED
+ TODO: check
CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search ...)
TODO: check
CVE-2007-0166
@@ -445,10 +445,10 @@
CVE-2007-XXXX [drupal DoS]
- drupal 4.7.5-1 (low)
NOTE: DRUPAL-SA-2007-002
-CVE-2007-0106 WordPress Trackback Charset Decoding SQL Injection Vulnerability
+CVE-2007-0106 (Cross-site scripting (XSS) vulnerability in the CSRF protection scheme ...)
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_022007.141.html
-CVE-2007-0107 WordPress CSRF Protection XSS Vulnerability
+CVE-2007-0107 (WordPress before 2.0.6, when mbstring is enabled for PHP, decodes ...)
- wordpress 2.0.6-1 (bug #405691; medium)
NOTE: http://www.hardened-php.net/advisory_012007.140.html
CVE-2007-0050 (** DISPUTED ** ...)
More information about the Secure-testing-commits
mailing list