[Secure-testing-commits] r5341 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Jan 24 09:14:15 CET 2007


Author: joeyh
Date: 2007-01-24 09:14:12 +0100 (Wed, 24 Jan 2007)
New Revision: 5341

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-23 22:44:01 UTC (rev 5340)
+++ data/CVE/list	2007-01-24 08:14:12 UTC (rev 5341)
@@ -1,3 +1,77 @@
+CVE-2007-0471 (sre/params.php in Check Point Connectra NGX R62 and earlier allows ...)
+	TODO: check
+CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and ...)
+	TODO: check
+CVE-2007-0469 (The extract_files function in installer.rb in RubyGems before 0.9.1 ...)
+	TODO: check
+CVE-2007-0468 (Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ ...)
+	TODO: check
+CVE-2007-0467
+	RESERVED
+CVE-2007-0466
+	RESERVED
+CVE-2007-0465
+	RESERVED
+CVE-2007-0464
+	RESERVED
+CVE-2007-0463
+	RESERVED
+CVE-2007-0462
+	RESERVED
+CVE-2007-0461 (Multiple memory leaks in the Dazuko anti-virus helper module before ...)
+	TODO: check
+CVE-2007-0460 (Buffer overflow in ulogd for SUSE Linux 9.3 up to 10.1, and possibly ...)
+	TODO: check
+CVE-2007-0459
+	RESERVED
+CVE-2007-0458
+	RESERVED
+CVE-2007-0457
+	RESERVED
+CVE-2007-0456
+	RESERVED
+CVE-2007-0455
+	RESERVED
+CVE-2007-0454
+	RESERVED
+CVE-2007-0453
+	RESERVED
+CVE-2007-0452
+	RESERVED
+CVE-2007-0451
+	RESERVED
+CVE-2007-0450
+	RESERVED
+CVE-2007-0449 (Multiple buffer overflows in CA BrightStor ARCserve Backup for Laptops ...)
+	TODO: check
+CVE-2007-0448
+	RESERVED
+CVE-2007-0447
+	RESERVED
+CVE-2007-0446
+	RESERVED
+CVE-2007-0445
+	RESERVED
+CVE-2007-0444
+	RESERVED
+CVE-2007-0443
+	RESERVED
+CVE-2007-0442 (Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown ...)
+	TODO: check
+CVE-2007-0441 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
+	TODO: check
+CVE-2007-0440
+	RESERVED
+CVE-2007-0439
+	RESERVED
+CVE-2007-0438
+	RESERVED
+CVE-2007-0437
+	RESERVED
+CVE-2007-0436
+	RESERVED
+CVE-2005-4824 (PHP remote file inclusion vulnerability in web/classes.php in ...)
+	TODO: check
 CVE-2007-0435 (T-Com Speedport 500V routers with firmware 1.31 allow remote attackers ...)
 	NOT-FOR-US: T-Com Speedport
 CVE-2007-0434 (BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 ...)
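
Review bot: CVE-2005-4824 is added between CVE-2007-0436 and CVE-2007-0435, which breaks the descending ID order the rest of this hunk follows; it would be easier to find later if it sat with the other CVE-2005 entries. Among the new "TODO: check" entries, the ones naming RubyGems (CVE-2007-0469), Dazuko (CVE-2007-0461) and ulogd (CVE-2007-0460) refer to free software rather than a single vendor's product, so they are the ones to triage against the archive first. The ulogd summary is scoped to "SUSE Linux 9.3 up to 10.1, and possibly ...", so the full description needs reading before deciding whether the upstream code is affected.
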
@@ -367,7 +441,7 @@
 	NOT-FOR-US: Oracle
 CVE-2007-0276 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and ...)
 	NOT-FOR-US: Oracle
-CVE-2007-0275 (Unspecified vulnerability in Oracle Workflow Cartridge, as used in ...)
+CVE-2007-0275 (Cross-site scripting (XSS) vulnerability in Oracle Reports Web ...)
 	NOT-FOR-US: Oracle
 CVE-2007-0274 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and ...)
 	NOT-FOR-US: Oracle
@@ -1107,14 +1181,14 @@
 	RESERVED
 CVE-2007-0024 (Integer overflow in the Vector Markup Language (VML) implementation ...)
 	NOT-FOR-US: Microsoft IE
-CVE-2007-0023
-	RESERVED
+CVE-2007-0023 (The CFUserNotificationSendRequest function in ...)
+	TODO: check
 CVE-2007-0022 (Untrusted search path vulnerability in writeconfig in Apple Mac OS X ...)
 	TODO: check
 CVE-2007-0021 (Format string vulnerability in Apple iChat 3.1.6 allows remote ...)
 	TODO: check
-CVE-2007-0020
-	RESERVED
+CVE-2007-0020 (Heap-based buffer overflow in the SFTP protocol handler for Panic ...)
+	TODO: check
 CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...)
 	NOT-FOR-US: Maxum Rumpus
 CVE-2007-0018
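
Review bot: The CVE-2007-0023 summary is cut off after "The CFUserNotificationSendRequest function in ...", before any product is named, so the "TODO: check" cannot be resolved from this line alone and needs the full CVE text. CVE-2007-0020 has the same status. Both now sit next to CVE-2007-0022 and CVE-2007-0021, which are also still "TODO: check", so these four can be triaged in one pass.
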
@@ -1593,8 +1667,7 @@
 	RESERVED
 CVE-2007-0004
 	RESERVED
-CVE-2007-0003 [pam missing len check]
-	RESERVED
+CVE-2007-0003 (pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers ...)
 	- pam <not-affected> (Only pam 0.99.7 affected)
 CVE-2007-0002
 	RESERVED
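
Review bot: The retained tracking line for CVE-2007-0003 says "Only pam 0.99.7 affected" while the new description names "Linux-PAM 0.99.7.0"; the note should use the same version string so the not-affected reasoning can be checked against the description. The removed "[pam missing len check]" tag was the only short description of the flaw on this entry. If the truncated summary does not say as much, a brief NOTE: line would preserve it.
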
@@ -7275,7 +7348,7 @@
 	NOT-FOR-US: Calendarix
 CVE-2006-4134 (Unspecified vulnerability related to a &quot;design flaw&quot; in SAP Internet ...)
 	NOT-FOR-US: SAP
-CVE-2006-4133 (Buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and ...)
+CVE-2006-4133 (Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 ...)
 	NOT-FOR-US: SAP
 CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and ...)
 	NOT-FOR-US: ArcSoft MMS Composer
@@ -35644,7 +35717,7 @@
 	NOT-FOR-US: Xlight FTP server 1.52; 
 CVE-2004-0286 (Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote ...)
 	NOT-FOR-US: RobotFTP; 
-CVE-2004-0285 (PHP remote file inclusion vulnerabilities in (1) AllMyVisitors, (2) ...)
+CVE-2004-0285 (PHP remote file inclusion vulnerabilities in include/footer.inc.php in ...)
 	NOT-FOR-US: PHP scripts 
 CVE-2004-0284 (Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow ...)
 	NOT-FOR-US: MSIE bugs
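
Review bot: The note under CVE-2004-0285, "NOT-FOR-US: PHP scripts", names no product, and the description has now changed from a numbered list starting with "(1) AllMyVisitors" to a single path, "include/footer.inc.php in ...". Naming the affected script or scripts in the NOT-FOR-US line would let the triage be rechecked when an automatic update rewrites the summary like this.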



