[Secure-testing-commits] r5387 - data/CVE
Alex de Oliveira Silva
enerv-guest at alioth.debian.org
Tue Jan 30 14:15:19 CET 2007
Author: enerv-guest
Date: 2007-01-30 14:15:15 +0100 (Tue, 30 Jan 2007)
New Revision: 5387
Modified:
data/CVE/list
Log:
some NFUs and issues.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-30 11:33:39 UTC (rev 5386)
+++ data/CVE/list 2007-01-30 13:15:15 UTC (rev 5387)
@@ -31,11 +31,11 @@
CVE-2007-0542 (Cross-site scripting (XSS) vulnerability in show.php in 212cafe ...)
TODO: check
CVE-2007-0541 (WordPress allows remote attackers to determine the existence of ...)
- TODO: check
+ - wordpress 2.1.0-1 (low)
CVE-2007-0540 (WordPress allows remote attackers to cause a denial of service ...)
- TODO: check
+ - wordpress 2.1.0-1 (low)
CVE-2007-0539 (WordPress before 2.1 allows remote attackers to cause a denial of ...)
- TODO: check
+ - wordpress 2.1.0-1 (low)
CVE-2007-0538 (Telligent Community Server 2.1 and earlier allows remote attackers to ...)
TODO: check
CVE-2007-0537 (Konqueror 3.5.5 does not properly parse HTML comments, which allows ...)
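Review bot: The entries for CVE-2007-0541 and CVE-2007-0540 record wordpress 2.1.0-1 as the fixed version without saying where that version comes from. CVE-2007-0539 is backed by its own description ("WordPress before 2.1"), but the visible descriptions of the other two give no version bound. A NOTE line under each, pointing at the upstream change or advisory that justifies 2.1.0-1, would let the fixed version and the (low) rating be rechecked later.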
@@ -65,13 +65,13 @@
CVE-2007-0525 (Multiple buffer overflows in Nickolas Grigoriadis Mini Web server ...)
TODO: check
CVE-2007-0524 (The LG Chocolate KG800 phone allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2007-0523 (The Nokia N70 phone allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2007-0522 (The Motorola MOTORAZR V3 phone allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2007-0521 (The Sony Ericsson K700i and W810i phones allow remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Sony Ericsson
CVE-2007-0520 (SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x ...)
TODO: check
CVE-2007-0519 (Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U ...)
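Review bot: The NOT-FOR-US tags for CVE-2007-0524 through CVE-2007-0521 name only the vendor (LG, Nokia, Motorola, Sony Ericsson), while other entries in this same commit name the product, for example "NOT-FOR-US: WebRoot Spy Sweeper" and "NOT-FOR-US: Apple Safari". Since the descriptions identify specific handsets (KG800, N70, MOTORAZR V3, K700i and W810i), consider tagging them consistently, such as "NOT-FOR-US: LG Chocolate KG800 phone", so a later search of the list for a product name finds the entry.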
@@ -125,35 +125,35 @@
CVE-2007-0492 (Multiple SQL injection vulnerabilities in gallery.php in webSPELL ...)
TODO: check
CVE-2007-0491 (PHP remote file inclusion vulnerability in up.php in Sky GUNNING ...)
- TODO: check
+ NOT-FOR-US: MySpeach
CVE-2007-0490 (index.php in Open-Realty 2.3.4 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Open-Realty
CVE-2007-0489 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2007-0488 (The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the ...)
TODO: check
CVE-2007-0487 (PHP remote file inclusion vulnerability in index.php in FreeForum ...)
- TODO: check
+ NOT-FOR-US: FreeForum
CVE-2007-0486 (Multiple PHP remote file inclusion vulnerabilities in Openads (aka ...)
- TODO: check
+ NOT-FOR-US: Openads
CVE-2007-0485 (PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 ...)
TODO: check
CVE-2007-0484 (Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote ...)
- TODO: check
+ NOT-FOR-US: ReviewPost
CVE-2007-0483 (Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 ...)
- TODO: check
+ NOT-FOR-US: ReviewPost
CVE-2007-0482 (cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 ...)
- TODO: check
+ NOT-FOR-US: Sun
CVE-2007-0481 (Cisco IOS allows remote attackers to cause a denial of service (crash) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0480 (Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0479 (Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0478 (Apple Safari does not properly parse HTML comments, which allows ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2007-0477 (Cross-site scripting (XSS) vulnerability in Openads before 2.3.31 (aka ...)
- TODO: check
+ NOT-FOR-US: Openads
CVE-2007-0476 (The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, ...)
TODO: check
CVE-2007-0475
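Review bot: CVE-2007-0484 and CVE-2007-0483 are tagged "NOT-FOR-US: ReviewPost", but both descriptions name Enthusiast 3.1 as the affected product. Please confirm the tag against the full CVE text and change it to "NOT-FOR-US: Enthusiast" if ReviewPost was carried over from another entry. A wrong product name in a NOT-FOR-US line hides the entry from anyone later checking whether that software is packaged. Smaller point in the same hunk: CVE-2007-0491 is tagged "MySpeach" while the visible part of its description reads "Sky GUNNING ..."; writing the full product name in the tag would make the match obvious.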
@@ -165,37 +165,38 @@
CVE-2007-0472
RESERVED
CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki ...)
- TODO: check
+ - dokuwiki 0.0.20061106-1 (low)
CVE-2006-6964 (MailEnable Professional before 1.78 provides a cleartext user password ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2006-6963 (Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 3.0.3 ...)
- TODO: check
+ NOT-FOR-US: Docebo
CVE-2006-6962 (PHP remote file inclusion vulnerability in rsgallery2.html.php in the ...)
- TODO: check
+ NOT-FOR-US: RS Gallery2
CVE-2006-6961 (WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on ...)
- TODO: check
+ NOT-FOR-US: WebRoot Spy Sweeper
CVE-2006-6960 (The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier ...)
- TODO: check
+ NOT-FOR-US: WebRoot Spy Sweeper
CVE-2006-6959 (WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the ...)
- TODO: check
+ NOT-FOR-US: WebRoot Spy Sweeper
CVE-2006-6958 (Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon ...)
- TODO: check
+ NOT-FOR-US: phpBlueDragon CMS
CVE-2006-6957 (PHP remote file inclusion vulnerability in addons/mod_media/body.php ...)
- TODO: check
+ NOT-FOR-US: Docebo
CVE-2006-6956 (Microsoft Internet Explorer allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-6955 (Opera allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2006-6954 (Flock beta 1 0.7 allows remote attackers to cause a denial of service ...)
- TODO: check
+ TODO: check iceweasel
+ NOTE: Tested the proof of concept in iceweasel 2.0.0.1 and it crash.
CVE-2006-6953 (The virtual keyboard implementation in GlobeTrotter Mobility Manager ...)
- TODO: check
+ NOT-FOR-US: GlobeTrotter Mobility Manager
CVE-2006-6952 (Computer Associates Host Intrusion Prevention System (HIPS) drivers ...)
- TODO: check
+ NOT-FOR-US: Computer Associates (CA)
CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2004-2676 (The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy ...)
- TODO: check
+ NOT-FOR-US: WebRoot Spy Sweeper
CVE-2007-0508 (PHP remote file inclusion vulnerability in lib/selectlang.php in ...)
- bbclone <unfixed> (bug #408839; medium)
CVE-2007-XXXX [hinfo code injection]
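Review bot: CVE-2006-6954 keeps a TODO ("TODO: check iceweasel") even though the NOTE added below it reports that the proof of concept was reproduced against iceweasel 2.0.0.1. If the crash is confirmed, the entry should track the package the way CVE-2007-0508 does just below ("- bbclone <unfixed> (bug #408839; medium)"), with a bug filed and referenced, so the issue shows up as open against iceweasel rather than as unprocessed. The NOTE should also read "and it crashes", and it would help to say whether the crash was only a denial of service or showed signs of memory corruption, since that decides the severity.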