[Secure-testing-commits] r6140 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Fri Jul 13 09:14:08 UTC 2007
Author: joeyh
Date: 2007-07-13 09:14:07 +0000 (Fri, 13 Jul 2007)
New Revision: 6140
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-13 05:55:06 UTC (rev 6139)
+++ data/CVE/list 2007-07-13 09:14:07 UTC (rev 6140)
@@ -1,3 +1,175 @@
+CVE-2007-3761
+ RESERVED
+CVE-2007-3760
+ RESERVED
+CVE-2007-3759
+ RESERVED
+CVE-2007-3758
+ RESERVED
+CVE-2007-3757
+ RESERVED
+CVE-2007-3756
+ RESERVED
+CVE-2007-3755
+ RESERVED
+CVE-2007-3754
+ RESERVED
+CVE-2007-3753
+ RESERVED
+CVE-2007-3752
+ RESERVED
+CVE-2007-3751
+ RESERVED
+CVE-2007-3750
+ RESERVED
+CVE-2007-3749
+ RESERVED
+CVE-2007-3748
+ RESERVED
+CVE-2007-3747
+ RESERVED
+CVE-2007-3746
+ RESERVED
+CVE-2007-3745
+ RESERVED
+CVE-2007-3744
+ RESERVED
+CVE-2007-3743
+ RESERVED
+CVE-2007-3742
+ RESERVED
+CVE-2007-3741
+ RESERVED
+CVE-2007-3740
+ RESERVED
+CVE-2007-3739
+ RESERVED
+CVE-2007-3738
+ RESERVED
+CVE-2007-3737
+ RESERVED
+CVE-2007-3736
+ RESERVED
+CVE-2007-3735
+ RESERVED
+CVE-2007-3734
+ RESERVED
+CVE-2007-3733
+ RESERVED
+CVE-2007-3732
+ RESERVED
+CVE-2007-3731
+ RESERVED
+CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
+ TODO: check
+CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 5.6 for ...)
+ TODO: check
+CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC Client and ...)
+ TODO: check
+CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7 have ...)
+ TODO: check
+CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in ...)
+ TODO: check
+CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...)
+ TODO: check
+CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...)
+ TODO: check
+CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of ...)
+ TODO: check
+CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...)
+ TODO: check
+CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to ...)
+ TODO: check
+CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...)
+ TODO: check
+CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
+ TODO: check
+CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...)
+ TODO: check
+CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)
+ TODO: check
+CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 ...)
+ TODO: check
+CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 ...)
+ TODO: check
+CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 ...)
+ TODO: check
+CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow ...)
+ TODO: check
+CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ...)
+ TODO: check
+CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...)
+ TODO: check
+CVE-2007-3710 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...)
+ TODO: check
+CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before ...)
+ TODO: check
+CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 ...)
+ TODO: check
+CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 ...)
+ TODO: check
+CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...)
+ TODO: check
+CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...)
+ TODO: check
+CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...)
+ TODO: check
+CVE-2007-3702 (Directory traversal vulnerability in the load function in ...)
+ TODO: check
+CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...)
+ TODO: check
+CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...)
+ TODO: check
+CVE-2007-3699
+ RESERVED
+CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...)
+ TODO: check
+CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...)
+ TODO: check
+CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...)
+ TODO: check
+CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...)
+ TODO: check
+CVE-2007-3694
+ RESERVED
+CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...)
+ TODO: check
+CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...)
+ TODO: check
+CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...)
+ TODO: check
+CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...)
+ TODO: check
+CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...)
+ TODO: check
+CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...)
+ TODO: check
+CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...)
+ TODO: check
+CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...)
+ TODO: check
+CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive ...)
+ TODO: check
+CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...)
+ TODO: check
+CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and ...)
+ TODO: check
+CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier ...)
+ TODO: check
+CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in ...)
+ TODO: check
+CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...)
+ TODO: check
+CVE-2007-3679
+ RESERVED
+CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...)
+ TODO: check
+CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...)
+ TODO: check
+CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on ...)
+ TODO: check
CVE-2007-3676
RESERVED
CVE-2007-3675
@@ -68,7 +240,7 @@
- libarchive <unfixed> (bug #432924; low)
CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...)
TODO: check
-CVE-2007-3642 (The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c ...)
+CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...)
TODO: check
CVE-2007-3641
RESERVED
@@ -382,8 +554,8 @@
TODO: check
CVE-2007-3510
RESERVED
-CVE-2007-3509
- RESERVED
+CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...)
+ TODO: check
CVE-2007-3508 (** DISPUTED ** ...)
- glibc 2.6-2 (unimportant; bug #431858)
NOTE: Not security-relevant
@@ -395,7 +567,7 @@
[etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 ...)
NOT-FOR-US: QuickTalk forum
-CVE-2007-3504 (Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java ...)
+CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in Sun ...)
- sun-java5 <not-affected>
NOTE: Sun Alert ID 102957 says issue is Windows only
CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML ...)
@@ -502,10 +674,10 @@
NOT-FOR-US: Civitech Avax Vector
CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...)
NOT-FOR-US: Sun Solaris libsldap
-CVE-2007-3457
- RESERVED
-CVE-2007-3456
- RESERVED
+CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP ...)
+ TODO: check
+CVE-2007-3456 (Unspecified vulnerability in Adobe Flash Player 9.0.45.0 and earlier ...)
+ TODO: check
CVE-2006-7214 (Multiple unspecified vulnerabilities in Firebird 1.5 allow remote ...)
- firebird1.5 <unfixed> (bug filed)
- firebird2 <removed>
@@ -4412,7 +4584,7 @@
TODO: check
CVE-2007-1755
RESERVED
-CVE-2007-1754 (Microsoft Office Publisher 2007 does not properly clear memory when ...)
+CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...)
TODO: check
CVE-2007-1753
RESERVED
@@ -12760,14 +12932,14 @@
- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor)
CVE-2006-5275
RESERVED
-CVE-2006-5274
- RESERVED
-CVE-2006-5273
- RESERVED
-CVE-2006-5272
- RESERVED
-CVE-2006-5271
- RESERVED
+CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
+ TODO: check
+CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
+ TODO: check
+CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
+ TODO: check
+CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
+ TODO: check
CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...)
NOT-FOR-US: Microsoft
CVE-2006-5269
@@ -27940,7 +28112,8 @@
REJECTED
CVE-2005-3562
REJECTED
-CVE-2005-3561 ( ...)
+CVE-2005-3561
+ REJECTED
NOT-FOR-US: ATutor
CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...)
NOT-FOR-US: Zone Labs
More information about the Secure-testing-commits
mailing list