[Secure-testing-commits] r6185 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Fri Jul 27 09:14:08 UTC 2007


Author: joeyh
Date: 2007-07-27 09:14:07 +0000 (Fri, 27 Jul 2007)
New Revision: 6185

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-07-26 22:50:31 UTC (rev 6184)
+++ data/CVE/list	2007-07-27 09:14:07 UTC (rev 6185)
@@ -1,3 +1,25 @@
+CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...)
+	TODO: check
+CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...)
+	TODO: check
+CVE-2007-4027 (Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow ...)
+	TODO: check
+CVE-2007-4026 (epesi framework before 0.8.6 does not properly verify file extensions, ...)
+	TODO: check
+CVE-2007-4025 (Unspecified vulnerability in Sun Java System (SJS) Application Server ...)
+	TODO: check
+CVE-2007-4024 (Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in ...)
+	TODO: check
+CVE-2007-4023 (Cross-site scripting (XSS) vulnerability in the login CGI program in ...)
+	TODO: check
+CVE-2007-4022 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2007-4021 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+	TODO: check
+CVE-2007-4020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...)
+	TODO: check
+CVE-2007-4019
+	RESERVED
 CVE-2007-5645
 	REJECTED
 	TODO: check
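Review bot: CVE-2007-4029 at the top of this hunk names a library that Debian packages (libvorbis), so it should not wait at "TODO: check" alongside the web-application entries. Triage it first and replace the TODO with a package line in the form this file already uses ("- <source-package> <fixed-version>" or "<unfixed>"). The unchanged CVE-2007-5645 entry just below the additions is marked REJECTED yet still carries "TODO: check"; drop the TODO there, since a rejected ID needs no triage.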
@@ -29,10 +51,10 @@
 	TODO: check
 CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) ...)
 	TODO: check
-CVE-2007-4004
-	RESERVED
-CVE-2007-4003
-	RESERVED
+CVE-2007-4004 (Buffer overflow in the ftp client in IBM AIX 5.3 SP6 allows local ...)
+	TODO: check
+CVE-2007-4003 (pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code ...)
+	TODO: check
 CVE-2007-4002
 	RESERVED
 CVE-2007-4001
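Review bot: both entries that leave RESERVED here, CVE-2007-4004 and CVE-2007-4003, describe components of IBM AIX 5.3 SP6 (the ftp client and pioout), so leaving them at "TODO: check" only grows the triage queue. Resolve them in the same pass with the disposition this file uses for software outside the archive, e.g. "NOT-FOR-US: IBM AIX".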
@@ -412,7 +434,7 @@
 	TODO: check
 CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...)
 	TODO: check
-CVE-2007-3816 (JWIG might allow context-dependent attackers to cause a denial of ...)
+CVE-2007-3816 (** DISPUTED ** ...)
 	TODO: check
 CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike ...)
 	TODO: check
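Review bot: the replacement summary for CVE-2007-3816, "(** DISPUTED ** ...)", is truncated before the product name, so the entry no longer says what it is about; the removed line was the only place JWIG appeared. Record the product on a status line (a "NOTE:" line, or "NOT-FOR-US: JWIG" if it is not packaged) so the entry stays searchable, and consider having the update script skip the "** DISPUTED **" prefix when it truncates.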
@@ -946,8 +968,8 @@
 	TODO: check
 CVE-2007-3567 (MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in ...)
 	TODO: check
-CVE-2007-3566
-	RESERVED
+CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
+	TODO: check
 CVE-2007-3565
 	RESERVED
 CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does ...)
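Review bot: the new summary for CVE-2007-3566 is cut off before the product name, leaving "ibserver.exe" as the only identifying detail. Look up the full description before choosing between a package line and NOT-FOR-US, rather than judging from the Windows-style binary name.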
@@ -1528,8 +1550,8 @@
 	NOT-FOR-US: PHPEcho CMS
 CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...)
 	NOT-FOR-US: Ingres
-CVE-2007-3333
-	RESERVED
+CVE-2007-3333 (Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 allows ...)
+	TODO: check
 CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...)
 	NOT-FOR-US: Satel Lite for PhpNuke
 CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...)
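Review bot: CVE-2007-3333 is an IBM AIX 5.3 SP6 entry (capture), and its neighbours in this hunk are already resolved as "NOT-FOR-US: <product>"; give it the same disposition instead of "TODO: check".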
@@ -2066,8 +2088,8 @@
 	RESERVED
 CVE-2007-3107 (The signal handling in the Linux kernel 2.6.2 and later, when run on ...)
 	- linux-2.6 <unfixed>
-CVE-2007-3106
-	RESERVED
+CVE-2007-3106 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...)
+	TODO: check
 CVE-2007-3105
 	RESERVED
 CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat Enterprise ...)
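Review bot: the summary now attached to CVE-2007-3106 is, as far as it is visible, identical to the one added for CVE-2007-4029 in the first hunk ("libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ..."), so the two cannot be told apart in this file. Check the full descriptions to confirm they are separate issues, then record each with its own libvorbis package line rather than leaving both at "TODO: check".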
@@ -2465,6 +2487,7 @@
 CVE-2007-2927
 	RESERVED
 CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...)
+	{DSA-1341-2}
 	- bind9 1:9.4.1-P1-1
 CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and ...)
 	- bind9 1:9.4.1-P1-1 (medium)
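Review bot: the added "{DSA-1341-2}" on CVE-2007-2926 references only the -2 revision of the advisory; confirm that is the identifier the tracker should carry for this fix. The bind9 line under it also has no urgency, while CVE-2007-2925 directly below is tagged "(medium)"; add one for consistency.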



