[Secure-testing-commits] r6179 - data/CVE

joeyh at alioth.debian.org
Thu Jul 26 21:14:08 UTC 2007


Author: joeyh
Date: 2007-07-26 21:14:07 +0000 (Thu, 26 Jul 2007)
New Revision: 6179

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-07-26 21:02:44 UTC (rev 6178)
+++ data/CVE/list	2007-07-26 21:14:07 UTC (rev 6179)
@@ -1,3 +1,304 @@
+CVE-2007-5645
+	REJECTED
+	TODO: check
+CVE-2007-4018 (Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows ...)
+	TODO: check
+CVE-2007-4017 (Cross-site request forgery (CSRF) vulnerability in the web-based ...)
+	TODO: check
+CVE-2007-4016 (Unspecified vulnerability in the client components in Citrix Access ...)
+	TODO: check
+CVE-2007-4015 (Citrix Access Gateway Advanced Edition before 4.5 HF1 allows attackers ...)
+	TODO: check
+CVE-2007-4014 (Cross-site scripting (XSS) vulnerability in a certain index.php ...)
+	TODO: check
+CVE-2007-4013 (Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka ...)
+	TODO: check
+CVE-2007-4012 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 ...)
+	TODO: check
+CVE-2007-4011 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 ...)
+	TODO: check
+CVE-2007-4010 (The win32std extension in PHP 5.2.3 does not follow safe_mode and ...)
+	TODO: check
+CVE-2007-4009 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2007-4008 (Directory traversal vulnerability in custom.php in Entertainment CMS ...)
+	TODO: check
+CVE-2007-4007 (PHP remote file inclusion vulnerability in index.php in Article ...)
+	TODO: check
+CVE-2007-4006 (Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has ...)
+	TODO: check
+CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) ...)
+	TODO: check
+CVE-2007-4004
+	RESERVED
+CVE-2007-4003
+	RESERVED
+CVE-2007-4002
+	RESERVED
+CVE-2007-4001
+	RESERVED
+CVE-2007-4000
+	RESERVED
+CVE-2007-3999
+	RESERVED
+CVE-2007-3998
+	RESERVED
+CVE-2007-3997
+	RESERVED
+CVE-2007-3996
+	RESERVED
+CVE-2007-3995
+	RESERVED
+CVE-2007-3994
+	RESERVED
+CVE-2007-3993 (Unspecified vulnerability in the attachment filter in Kerio MailServer ...)
+	TODO: check
+CVE-2007-3992 (SQL injection vulnerability in vir_login.asp in iExpress Property Pro ...)
+	TODO: check
+CVE-2007-3991 (Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp ...)
+	TODO: check
+CVE-2007-3990 (SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the ...)
+	TODO: check
+CVE-2007-3989 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+	TODO: check
+CVE-2007-3988 (Session fixation vulnerability in Virtual Hosting Control System ...)
+	TODO: check
+CVE-2007-3987 (SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, ...)
+	TODO: check
+CVE-2007-3986 (file.cgi in Secure Computing SecurityReporter (aka Network Security ...)
+	TODO: check
+CVE-2007-3985 (Directory traversal vulnerability in file.cgi in Secure Computing ...)
+	TODO: check
+CVE-2007-3984 (Buffer overflow in a certain ActiveX control in the NixonMyPrograms ...)
+	TODO: check
+CVE-2007-3983 (Absolute path traversal vulnerability in the Data Dynamics ...)
+	TODO: check
+CVE-2007-3982 (Absolute path traversal vulnerability in the Data Dynamics ...)
+	TODO: check
+CVE-2007-3981 (SQL injection vulnerability in index.php in WSN Links Basic Edition ...)
+	TODO: check
+CVE-2007-3980 (PHP remote file inclusion vulnerability in page.php in RCMS Pro ...)
+	TODO: check
+CVE-2007-3979 (SQL injection vulnerability in index.php in BlogSite Professional (aka ...)
+	TODO: check
+CVE-2007-3978 (Session fixation vulnerability in bwired allows remote attackers to ...)
+	TODO: check
+CVE-2007-3977 (Cross-site scripting (XSS) vulnerability in bwired allows remote ...)
+	TODO: check
+CVE-2007-3976 (SQL injection vulnerability in index.php in bwired allows remote ...)
+	TODO: check
+CVE-2007-3975 (Cross-site scripting (XSS) vulnerability in index.php in Elite Forum ...)
+	TODO: check
+CVE-2007-3974 (admin/ajoutaut.php in JBlog 1.0 does not require authentication, which ...)
+	TODO: check
+CVE-2007-3973 (Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow ...)
+	TODO: check
+CVE-2007-3972 (ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2007-3971 (Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote ...)
+	TODO: check
+CVE-2007-3970 (Race condition in ESET NOD32 Antivirus before 2.2289 allows remote ...)
+	TODO: check
+CVE-2007-3969 (Buffer overflow in Panda Antivirus before 20070720 allows remote ...)
+	TODO: check
+CVE-2007-3968 (index.php in dirLIST before 0.1.1 allows remote attackers to list the ...)
+	TODO: check
+CVE-2007-3967 (Directory traversal vulnerability in index.php in PHP Directory Lister ...)
+	TODO: check
+CVE-2007-3966 (SQL injection vulnerability in Munch Pro allows remote attackers to ...)
+	TODO: check
+CVE-2007-3965 (Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and ...)
+	TODO: check
+CVE-2007-3964 (Itaka before 0.2.1, when using Authentication mode, allows remote ...)
+	TODO: check
+CVE-2007-3963 (Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, ...)
+	TODO: check
+CVE-2007-3962 (Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 ...)
+	TODO: check
+CVE-2007-3961 (Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib ...)
+	TODO: check
+CVE-2007-3960 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+	TODO: check
+CVE-2007-3959 (The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier ...)
+	TODO: check
+CVE-2007-3958 (Microsoft Windows Explorer (explorer.exe) allows user-assisted remote ...)
+	TODO: check
+CVE-2007-3957 (Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote ...)
+	TODO: check
+CVE-2007-3956 (TeamSpeak WebServer 2.0 for Windows does not validate parameter value ...)
+	TODO: check
+CVE-2007-3955 (Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in ...)
+	TODO: check
+CVE-2007-3954 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
+	TODO: check
+CVE-2007-3953 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote ...)
+	TODO: check
+CVE-2007-3952 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote ...)
+	TODO: check
+CVE-2007-3951 (Multiple buffer overflows in Norman Antivirus 5.90 allow remote ...)
+	TODO: check
+CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers ...)
+	TODO: check
+CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters ...)
+	TODO: check
+CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more connections ...)
+	TODO: check
+CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a denial ...)
+	TODO: check
+CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote ...)
+	TODO: check
+CVE-2007-3945 (Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly ...)
+	TODO: check
+CVE-2007-3944 (Unspecified vulnerability in Safari (MobileSafari) on the Apple iPhone ...)
+	TODO: check
+CVE-2007-3943 (SQL injection vulnerability in Infinite Responder before 1.48 allows ...)
+	TODO: check
+CVE-2007-3942 (** DISPUTED ** ...)
+	TODO: check
+CVE-2007-3941 (Cross-site scripting (XSS) vulnerability in profile.php in Jasmine CMS ...)
+	TODO: check
+CVE-2007-3940 (Cross-site scripting (XSS) vulnerability in default.asp in QuickerSite ...)
+	TODO: check
+CVE-2007-3939 (SQL injection vulnerability in index.php in SpoonLabs Vivvo Article ...)
+	TODO: check
+CVE-2007-3938 (SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) ...)
+	TODO: check
+CVE-2007-3937 (Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier ...)
+	TODO: check
+CVE-2007-3936 (Directory traversal vulnerability in admin/filebrowser.asp in A-shop ...)
+	TODO: check
+CVE-2007-3935 (PHP remote file inclusion vulnerability in link_main.php in the ...)
+	TODO: check
+CVE-2007-3934 (PHP remote file inclusion vulnerability in postscript/postscript.php ...)
+	TODO: check
+CVE-2007-3933 (SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and ...)
+	TODO: check
+CVE-2007-3932 (uploadimg.php in the Expose RC35 and earlier (com_expose) component ...)
+	TODO: check
+CVE-2007-3931 (The wrap_setuid_third_party_application function in the installation ...)
+	TODO: check
+CVE-2007-3930 (Interpretation conflict between Microsoft Internet Explorer and ...)
+	TODO: check
+CVE-2007-3929 (Use-after-free vulnerability in the BitTorrent support in Opera before ...)
+	TODO: check
+CVE-2007-3928 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote ...)
+	TODO: check
+CVE-2007-3927 (Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 ...)
+	TODO: check
+CVE-2007-3926 (Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to ...)
+	TODO: check
+CVE-2007-3925 (Multiple buffer overflows in the IMAP service (imapd32.exe) in ...)
+	TODO: check
+CVE-2007-3924 (Argument injection vulnerability in Microsoft Internet Explorer, when ...)
+	TODO: check
+CVE-2007-3923 (The Common Internet File System (CIFS) optimization in Cisco Wide Area ...)
+	TODO: check
+CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE) Applet ...)
+	TODO: check
+CVE-2007-3921
+	RESERVED
+CVE-2007-3920
+	RESERVED
+CVE-2007-3919
+	RESERVED
+CVE-2007-3918
+	RESERVED
+CVE-2007-3917
+	RESERVED
+CVE-2007-3916
+	RESERVED
+CVE-2007-3915
+	RESERVED
+CVE-2007-3914
+	RESERVED
+CVE-2007-3913
+	RESERVED
+CVE-2007-3912
+	RESERVED
+CVE-2007-3911
+	RESERVED
+CVE-2007-3910 (Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows ...)
+	TODO: check
+CVE-2007-3909 (Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow ...)
+	TODO: check
+CVE-2007-3908 (Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat ...)
+	TODO: check
+CVE-2007-3907 (Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 ...)
+	TODO: check
+CVE-2007-3906 (Unspecified vulnerability in Kaspersky Anti-Virus for Check Point ...)
+	TODO: check
+CVE-2007-3905 (SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote ...)
+	TODO: check
+CVE-2007-3904
+	RESERVED
+CVE-2007-3903
+	RESERVED
+CVE-2007-3902
+	RESERVED
+CVE-2007-3901
+	RESERVED
+CVE-2007-3900
+	RESERVED
+CVE-2007-3899
+	RESERVED
+CVE-2007-3898
+	RESERVED
+CVE-2007-3897
+	RESERVED
+CVE-2007-3896
+	RESERVED
+CVE-2007-3895
+	RESERVED
+CVE-2007-3894
+	RESERVED
+CVE-2007-3893
+	RESERVED
+CVE-2007-3892
+	RESERVED
+CVE-2007-3891
+	RESERVED
+CVE-2007-3890
+	RESERVED
+CVE-2007-3889 (Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and ...)
+	TODO: check
+CVE-2007-3888 (Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple ...)
+	TODO: check
+CVE-2007-3887 (Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp ...)
+	TODO: check
+CVE-2007-3886 (Cross-site scripting (XSS) vulnerability in default.asp in Element CMS ...)
+	TODO: check
+CVE-2007-3885 (Cross-site scripting (XSS) vulnerability in philboard_search.asp in ...)
+	TODO: check
+CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in husrevforum ...)
+	TODO: check
+CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.1 and ...)
+	TODO: check
+CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor allows ...)
+	TODO: check
+CVE-2007-3881 (SQL injection vulnerability in index.php in Pictures Rating (Picture ...)
+	TODO: check
+CVE-2007-3880
+	RESERVED
+CVE-2007-3879
+	RESERVED
+CVE-2007-3878
+	RESERVED
+CVE-2007-3877
+	RESERVED
+CVE-2007-3876
+	RESERVED
+CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) ...)
+	TODO: check
+CVE-2007-3874
+	RESERVED
+CVE-2007-3873
+	RESERVED
+CVE-2007-3872
+	RESERVED
+CVE-2007-3871
+	RESERVED
+CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow ...)
+	TODO: check
 CVE-2007-XXXX [asterisk DoS in IAX2 channel driver]
 	- asterisk 1:1.4.9~dfsg-1
 	NOTE: ASA-2007-018
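Review bot: CVE-2007-5645, the first added entry, is marked REJECTED yet still carries "TODO: check", while the RESERVED entries in the same block get no TODO line. Its number is also well above the rest of the block, which starts at CVE-2007-4018. If the updater does not attach TODO to rejected ids on purpose, drop that line so it does not sit in the triage backlog. Separately, CVE-2006-7221 (off-by-one errors in fsplib.c) is inserted after the last new 2007 id; it is best triaged together with CVE-2007-3962 and CVE-2007-3961, which name the same fsplib.c.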
@@ -27,7 +328,7 @@
 	TODO: check
 CVE-2007-3859 (Unspecified vulnerability in the Oracle Internet Directory component ...)
 	TODO: check
-CVE-2007-3858 (Multiple unspecified vulnerabilities in in Oracle Database 10.2.0.3 ...)
+CVE-2007-3858 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow ...)
 	TODO: check
 CVE-2007-3857 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow ...)
 	TODO: check
@@ -93,8 +394,8 @@
 	TODO: check
 CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote ...)
 	TODO: check
-CVE-2007-3825
-	RESERVED
+CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in ...)
+	TODO: check
 CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows ...)
 	TODO: check
 CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows ...)
@@ -413,8 +714,8 @@
 	TODO: check
 CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...)
 	TODO: check
-CVE-2007-3679
-	RESERVED
+CVE-2007-3679 (The Citrix EPA ActiveX control (aka the "endpoint checking control" or ...)
+	TODO: check
 CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...)
 	TODO: check
 CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...)
@@ -716,8 +1017,8 @@
 	TODO: check
 CVE-2007-3532
 	RESERVED
-CVE-2007-3531
-	RESERVED
+CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock ...)
+	TODO: check
 CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and ...)
 	TODO: check
 CVE-2007-3529 (videos.php in PHPDirector 0.21 and earlier allows remote attackers to ...)
@@ -1091,8 +1392,7 @@
 	RESERVED
 CVE-2007-3384
 	RESERVED
-CVE-2007-3383 [XSS in Tomcat send mail example]
-	RESERVED
+CVE-2007-3383 (Cross-site scripting (XSS) vulnerability in SendMailServlet in the ...)
 	- tomcat4 <removed> (low)
 	[sarge] - tomcat4 <no-dsa> (minor issue)
 	NOTE: affects example app in tomcat4-webapps
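Review bot: the tracking lines kept under CVE-2007-3383 cover only tomcat4, while the new description places the XSS in SendMailServlet and the existing NOTE ties it to the example app in tomcat4-webapps. Worth confirming whether any other Tomcat source package ships the same servlet, then adding a line for it or a NOTE recording that it was checked.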
@@ -1100,8 +1400,8 @@
 	RESERVED
 CVE-2007-3381
 	RESERVED
-CVE-2007-3380
-	RESERVED
+CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux ...)
+	TODO: check
 CVE-2007-3379
 	RESERVED
 CVE-2007-3378 (The (1) session_save_path and (2) ini_set functions in PHP 4.4.7 and ...)
@@ -1293,7 +1593,7 @@
 	NOT-FOR-US: MiniBill
 CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x before ...)
 	NOT-FOR-US: Cerulean Studios Trillian
-CVE-2007-3304 (Apache httpd 1.3.37, and 2.2.4 with the Prefork MPM module, allows ...)
+CVE-2007-3304 (Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, ...)
 	- apache <removed> (low)
 	[etch] - apache <unfixed> (low)
 	[sarge] - apache <unfixed> (low)
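Review bot: the updated CVE-2007-3304 description now lists 2.0.59 in addition to 1.3.37 and 2.2.4, but the tracking lines visible under it cover only the apache package (unstable, etch, sarge). The neighbouring CVE-2007-3303 entry tracks apache2; if no apache2 line follows below the three context lines shown here, add one.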
@@ -1303,8 +1603,8 @@
 CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows ...)
 	- apache2 <unfixed> (unimportant)
 	NOTE: If you can execute arbitrary code, a DoS is not a problem.
-CVE-2007-3302
-	RESERVED
+CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and ...)
+	TODO: check
 CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in ...)
 	NOT-FOR-US: FuseTalk
 CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
@@ -1375,8 +1675,8 @@
 	NOT-FOR-US: phpMyInventory
 CVE-2007-3269 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 ...)
 	NOT-FOR-US: Papoo Light
-CVE-2007-3268
-	RESERVED
+CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for OS ...)
+	TODO: check
 CVE-2007-3267 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...)
 	NOT-FOR-US: Fuzzylime Forum
 CVE-2007-3266 (Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows ...)
@@ -1941,8 +2241,8 @@
 	NOT-FOR-US: Microsoft
 CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows ...)
 	NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3026
-	RESERVED
+CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote attackers ...)
+	TODO: check
 CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...)
 	- clamav <not-affected> (Solaris-specific bug)
 CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
@@ -2112,8 +2412,8 @@
 	RESERVED
 CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc ...)
 	- kvirc <unfixed> (bug #434419; medium)
-CVE-2007-2950
-	RESERVED
+CVE-2007-2950 (Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara ...)
+	TODO: check
 CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in the ...)
 	{DSA-1335-1}
 	- gimp 2.2.16-1 (medium)
@@ -2164,10 +2464,10 @@
 	RESERVED
 CVE-2007-2927
 	RESERVED
-CVE-2007-2926
-	RESERVED
-CVE-2007-2925
-	RESERVED
+CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...)
+	TODO: check
+CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and ...)
+	TODO: check
 CVE-2007-2924 (Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX ...)
 	NOT-FOR-US: RealNetworks GameHouse
 CVE-2007-2923 (The launch method in the LocalExec ActiveX control (LocalExec.ocx) in ...)
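Review bot: CVE-2007-2926 and CVE-2007-2925 leave RESERVED with only "TODO: check", although both descriptions name ISC BIND 9 (a weak random number generator, and the default ACLs in 9.4.0 and 9.4.1). These should get package tracking lines for the BIND source package, with per-release status, rather than waiting in the general TODO backlog this revision adds.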
@@ -5058,7 +5358,7 @@
 	NOT-FOR-US: IBM Lotus Domino
 CVE-2007-1674 (Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in ...)
 	NOT-FOR-US: LANDesk Management Suite
-CVE-2007-1673 (unzoo.c allows remote attackers to cause a denial of service (infinite ...)
+CVE-2007-1673 (unzoo.c, as used in multiple products including AMaViS 2.4.1 and ...)
 	[sarge] - zoo <no-dsa> (Minor issue)
 	[etch] - zoo <no-dsa> (Minor issue)
 	- zoo 2.10-19 (bug #424686)
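Review bot: the tracking lines under CVE-2007-1673 cover only zoo, but the new description says unzoo.c is "used in multiple products including AMaViS 2.4.1 and ...". Check whether any packaged product named in the full description embeds unzoo.c, and add a tracking line or a NOTE recording the result.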
@@ -5071,7 +5371,7 @@
 	NOT-FOR-US: Avira
 CVE-2007-1670 (Panda Software Antivirus before 20070402 allows remote attackers to ...)
 	NOT-FOR-US: Panda
-CVE-2007-1669 (Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, ...)
+CVE-2007-1669 (zoo decoder 2.10 (zoo-2.10), as used in multiple products including ...)
 	NOT-FOR-US: Barracuda
 CVE-2007-1668
 	RESERVED
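Review bot: "NOT-FOR-US: Barracuda" under CVE-2007-1669 no longer matches the entry. The new description attributes the flaw to zoo decoder 2.10 (zoo-2.10) as used in multiple products, and the zoo package is tracked a few entries up under CVE-2007-1673. Replace the NOT-FOR-US line with a zoo tracking line, or with "TODO: check" until the zoo version in the archive has been verified.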
@@ -8846,11 +9146,11 @@
 	NOT-FOR-US: Oracle
 CVE-2007-0273 (Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, ...)
 	NOT-FOR-US: Oracle
-CVE-2007-0272 (Unspecified vulnerability in Oracle Database 8.1.7.4, 9.0.1.5, ...)
+CVE-2007-0272 (Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, ...)
 	NOT-FOR-US: Oracle
 CVE-2007-0271 (Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has ...)
 	NOT-FOR-US: Oracle
-CVE-2007-0270 (Unspecified vulnerability in Oracle Database 9.2.0.7 and 10.1.0.4 has ...)
+CVE-2007-0270 (Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and ...)
 	NOT-FOR-US: Oracle
 CVE-2007-0269 (Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and ...)
 	NOT-FOR-US: Oracle
@@ -9405,8 +9705,8 @@
 	RESERVED
 CVE-2007-0061
 	RESERVED
-CVE-2007-0060
-	RESERVED
+CVE-2007-0060 (Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in ...)
+	TODO: check
 CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 ...)
 	NOT-FOR-US: Apple Quicktime
 CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...)
@@ -15715,8 +16015,8 @@
 	NOT-FOR-US: Novell eDirectory
 CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly enforce ...)
 	NOT-FOR-US: SmartLine DeviceLock
-CVE-2006-4183
-	RESERVED
+CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) ...)
+	TODO: check
 CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions ...)
 	{DSA-1196-1}
 	- clamav 0.88.5-1 (high; bug #393445)
@@ -28713,7 +29013,7 @@
 	NOTE: May have been fixed earlier, 2.99.51 was never uploaded to Debian.
 CVE-2002-2197 (Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a ...)
 	NOT-FOR-US: Solaris
-CVE-2002-2196 (Samba 2.2.5 and earlier does not properly terminate the ...)
+CVE-2002-2196 (Samba before 2.2.5 does not properly terminate the ...)
 	- samba 2.2.5 (high)
 CVE-2002-2195 (Buffer overflow in the version update check for Winamp 2.80 and ...)
 	NOT-FOR-US: Winamp



