[Secure-testing-commits] r5956 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Fri Jun 1 09:14:08 UTC 2007


Author: joeyh
Date: 2007-06-01 09:14:07 +0000 (Fri, 01 Jun 2007)
New Revision: 5956

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-01 09:00:11 UTC (rev 5955)
+++ data/CVE/list	2007-06-01 09:14:07 UTC (rev 5956)
@@ -1,3 +1,351 @@
+CVE-2007-2967 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
+	TODO: check
+CVE-2007-2966 (Buffer overflow in the LHA decompresion component in F-Secure ...)
+	TODO: check
+CVE-2007-2965 (Unspecified vulnerability in the Real-time Scanning component in ...)
+	TODO: check
+CVE-2007-2964 (The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and ...)
+	TODO: check
+CVE-2007-2963 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
+	TODO: check
+CVE-2007-2962 (Cross-site scripting (XSS) vulnerability in search.php in Particle ...)
+	TODO: check
+CVE-2007-2961 (Unrestricted file upload vulnerability in FileCloset before 1.1.5 ...)
+	TODO: check
+CVE-2007-2960 (Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 ...)
+	TODO: check
+CVE-2007-2959 (SQL injection vulnerability in manufacturer.php in cpCommerce before ...)
+	TODO: check
+CVE-2007-2958
+	RESERVED
+CVE-2007-2957
+	RESERVED
+CVE-2007-2956
+	RESERVED
+CVE-2007-2955
+	RESERVED
+CVE-2007-2954
+	RESERVED
+CVE-2007-2953
+	RESERVED
+CVE-2007-2952
+	RESERVED
+CVE-2007-2951
+	RESERVED
+CVE-2007-2950
+	RESERVED
+CVE-2007-2949
+	RESERVED
+CVE-2007-2948
+	RESERVED
+CVE-2007-2947 (Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha ...)
+	TODO: check
+CVE-2007-2946 (Buffer overflow in a certain ActiveX control in LeadTools Raster ...)
+	TODO: check
+CVE-2007-2945 (RMForum stores sensitive information under the web root with ...)
+	TODO: check
+CVE-2007-2944 (WabCMS 1.0 stores sensitive information under the web root with ...)
+	TODO: check
+CVE-2007-2943 (PHP remote file inclusion vulnerability in class/class.php in Webavis ...)
+	TODO: check
+CVE-2007-2942 (SQL injection vulnerability in user.php in My Little Forum 1.7 and ...)
+	TODO: check
+CVE-2007-2941 (Multiple PHP remote file inclusion vulnerabilities in the creator in ...)
+	TODO: check
+CVE-2007-2940 (Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 ...)
+	TODO: check
+CVE-2007-2939 (Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat ...)
+	TODO: check
+CVE-2007-2938 (Buffer overflow in the BaseRunner ActiveX control in the Ademco ...)
+	TODO: check
+CVE-2007-2937 (PHP remote file inclusion vulnerability in admin/admin.php in TROforum ...)
+	TODO: check
+CVE-2007-2936 (Multiple PHP remote file inclusion vulnerabilities in Frequency Clock ...)
+	TODO: check
+CVE-2007-2935 (core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows ...)
+	TODO: check
+CVE-2007-2934 (Directory traversal vulnerability in skins/common.css.php in Vistered ...)
+	TODO: check
+CVE-2007-2933 (SQL injection vulnerability in index.php in the Phil-a-Form ...)
+	TODO: check
+CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in BoastMachine ...)
+	TODO: check
+CVE-2007-2931
+	RESERVED
+CVE-2007-2930
+	RESERVED
+CVE-2007-2929
+	RESERVED
+CVE-2007-2928
+	RESERVED
+CVE-2007-2927
+	RESERVED
+CVE-2007-2926
+	RESERVED
+CVE-2007-2925
+	RESERVED
+CVE-2007-2924
+	RESERVED
+CVE-2007-2923
+	RESERVED
+CVE-2007-2922
+	RESERVED
+CVE-2007-2921
+	RESERVED
+CVE-2007-2920
+	RESERVED
+CVE-2007-2919
+	RESERVED
+CVE-2007-2918
+	RESERVED
+CVE-2007-2917
+	RESERVED
+CVE-2007-2916 (Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music ...)
+	TODO: check
+CVE-2007-2915 (Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows ...)
+	TODO: check
+CVE-2007-2914 (Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats ...)
+	TODO: check
+CVE-2007-2913 (Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 ...)
+	TODO: check
+CVE-2007-2912 (Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when ...)
+	TODO: check
+CVE-2007-2911 (SQL injection vulnerability in admincp/attachment.php in Jelsoft ...)
+	TODO: check
+CVE-2007-2910 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
+	TODO: check
+CVE-2007-2909 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+	TODO: check
+CVE-2007-2908 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+	TODO: check
+CVE-2007-2907 (Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote ...)
+	TODO: check
+CVE-2007-2906 (Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2007-2905 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+	TODO: check
+CVE-2007-2904 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
+	TODO: check
+CVE-2007-2903 (Buffer overflow in the HelpPopup method in the Microsoft Office 2000 ...)
+	TODO: check
+CVE-2007-2902 (SQL injection vulnerability in main/auth/my_progress.php in Dokeos ...)
+	TODO: check
+CVE-2007-2901 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 ...)
+	TODO: check
+CVE-2007-2900 (Multiple PHP remote file inclusion vulnerabilities in Scallywag ...)
+	TODO: check
+CVE-2007-2899 (Direct static code injection vulnerability in admin_config.php in ...)
+	TODO: check
+CVE-2007-2898 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+	TODO: check
+CVE-2007-2897 (Microsoft Internet Information Services (IIS) 6.0 allows remote ...)
+	TODO: check
+CVE-2007-2896 (Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 ...)
+	TODO: check
+CVE-2007-2895 (Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 ...)
+	TODO: check
+CVE-2007-2894 (The emulated floppy disk controller in Bochs 2.3 allows local users of ...)
+	TODO: check
+CVE-2007-2893 (Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in ...)
+	TODO: check
+CVE-2007-2892 (Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 ...)
+	TODO: check
+CVE-2007-2891 (Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 ...)
+	TODO: check
+CVE-2007-2890 (SQL injection vulnerability in category.php in cpCommerce 1.1.0 and ...)
+	TODO: check
+CVE-2007-2889 (SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 ...)
+	TODO: check
+CVE-2007-2888 (Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows ...)
+	TODO: check
+CVE-2007-2887 (Cross-site scripting (XSS) vulnerability in index.php in Web Icerik ...)
+	TODO: check
+CVE-2007-2886 (Unspecified vulnerability in the Nortel CS 1000 M media card in ...)
+	TODO: check
+CVE-2007-2885 (The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in ...)
+	TODO: check
+CVE-2007-2884 (Multiple stack-based buffer overflows in Microsoft Visual Basic 6 ...)
+	TODO: check
+CVE-2007-2883 (Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier ...)
+	TODO: check
+CVE-2007-2882 (Unspecified vulnerability in the NFS client module in Sun Solaris 8 ...)
+	TODO: check
+CVE-2007-2881 (Multiple stack-based buffer overflows in the SOCKS proxy support ...)
+	TODO: check
+CVE-2007-2880 (Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 ...)
+	TODO: check
+CVE-2007-2879 (Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk ...)
+	TODO: check
+CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run ...)
+	TODO: check
+CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 ...)
+	TODO: check
+CVE-2007-2876
+	RESERVED
+CVE-2007-2875
+	RESERVED
+CVE-2007-2874
+	RESERVED
+CVE-2007-2873
+	RESERVED
+CVE-2007-2872
+	RESERVED
+CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+	TODO: check
+CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+	TODO: check
+CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before ...)
+	TODO: check
+CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...)
+	TODO: check
+CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox ...)
+	TODO: check
+CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
+	TODO: check
+CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...)
+	TODO: check
+CVE-2007-2864
+	RESERVED
+CVE-2007-2863
+	RESERVED
+CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow ...)
+	TODO: check
+CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple ...)
+	TODO: check
+CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote authenticated ...)
+	TODO: check
+CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 ...)
+	TODO: check
+CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in the ...)
+	TODO: check
+CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in ABC ...)
+	TODO: check
+CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP Compression ...)
+	TODO: check
+CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll ...)
+	TODO: check
+CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in ...)
+	TODO: check
+CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD ...)
+	TODO: check
+CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus before ...)
+	TODO: check
+CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object Library ...)
+	TODO: check
+CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame Presentation ...)
+	TODO: check
+CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open Source) ...)
+	TODO: check
+CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the shComboBox ...)
+	TODO: check
+CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in ...)
+	TODO: check
+CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus ...)
+	TODO: check
+CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...)
+	TODO: check
+CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...)
+	TODO: check
+CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...)
+	TODO: check
+CVE-2007-2842
+	RESERVED
+CVE-2007-2841
+	RESERVED
+CVE-2007-2840
+	RESERVED
+CVE-2007-2839
+	RESERVED
+CVE-2007-2838
+	RESERVED
+CVE-2007-2837
+	RESERVED
+CVE-2007-2836
+	RESERVED
+CVE-2007-2835
+	RESERVED
+CVE-2007-2834
+	RESERVED
+CVE-2007-2833
+	RESERVED
+CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...)
+	TODO: check
+CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...)
+	TODO: check
+CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...)
+	TODO: check
+CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...)
+	TODO: check
+CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
+	TODO: check
+CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)
+	TODO: check
+CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php in ...)
+	TODO: check
+CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in ...)
+	TODO: check
+CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 ...)
+	TODO: check
+CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow remote ...)
+	TODO: check
+CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...)
+	TODO: check
+CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...)
+	TODO: check
+CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...)
+	TODO: check
+CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ ...)
+	TODO: check
+CVE-2007-2818 (Cross-site scripting (XSS) vulnerability in cand_login.asp in ...)
+	TODO: check
+CVE-2007-2817 (SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 ...)
+	TODO: check
+CVE-2007-2816 (Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks ...)
+	TODO: check
+CVE-2007-2815 (The "hit-highlighting" functionality in webhits.dll in Microsoft ...)
+	TODO: check
+CVE-2007-2814 (Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX ...)
+	TODO: check
+CVE-2007-2813 (Cisco IOS 12.4 and earlier, when using the crypto packages and SSL ...)
+	TODO: check
+CVE-2007-2812 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats ...)
+	TODO: check
+CVE-2007-2811 (Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and ...)
+	TODO: check
+CVE-2007-2810 (SQL injection vulnerability in down_indir.asp in Gazi Download Portal ...)
+	TODO: check
+CVE-2007-2809 (Buffer overflow in the transfer manager in Opera before 9.21 for ...)
+	TODO: check
+CVE-2007-2808 (Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb ...)
+	TODO: check
+CVE-2007-2807 (Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop ...)
+	TODO: check
+CVE-2007-2806 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2007-2805 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2007-2804 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2007-2803 (SQL injection vulnerability in default.asp in Vizayn Urun Tanitim ...)
+	TODO: check
+CVE-2007-2802 (Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in ...)
+	TODO: check
+CVE-2007-2801
+	RESERVED
+CVE-2007-2800
+	RESERVED
+CVE-2007-2799 (Integer overflow in the "file" program 4.20, when running on 32-bit ...)
+	TODO: check
+CVE-2007-2798
+	RESERVED
+CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
+	TODO: check
+CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...)
+	TODO: check
+CVE-2003-1330 (Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on ...)
+	TODO: check
+CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...)
+	TODO: check
 CVE-2007-XXXX [MadWifi several DoS, one of them remote]
 	- madwifi 1:0.9.3-2
 	[etch] - madwifi <no-dsa> (Non-free not supported)
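Review bot: The three MadWifi entries added near the end of this hunk (CVE-2007-2831, CVE-2007-2830, CVE-2007-2829) are left at "TODO: check", while the unchanged placeholder directly below them, "CVE-2007-XXXX [MadWifi several DoS, one of them remote]", already carries the madwifi 1:0.9.3-2 and [etch] <no-dsa> tracking lines. If these are the IDs assigned to the issues behind that placeholder, move the package lines under the real IDs and drop the CVE-2007-XXXX entry, so the same issues are not tracked twice with different states.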
@@ -252,10 +600,10 @@
 	NOT-FOR-US: Check Point
 CVE-2007-2688 (The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS ...)
 	NOT-FOR-US: Cisco
-CVE-2007-2687
-	RESERVED
-CVE-2007-2686
-	RESERVED
+CVE-2007-2687 (Stack-based buffer overflow in the MicroWorld Agent service ...)
+	TODO: check
+CVE-2007-2686 (Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS ...)
+	TODO: check
 CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 ...)
 	NOT-FOR-US: Jetbox CMS
 CVE-2007-2684 (Jetbox CMS 2.1 allows remote attackers to obtain sensitive information ...)
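Review bot: CVE-2007-2686 is added as "TODO: check" even though its description names Jetbox CMS and the entry immediately after it, CVE-2007-2685, is already tagged "NOT-FOR-US: Jetbox CMS". Suggest giving CVE-2007-2686 the same tag so the Jetbox CMS entries stay consistent. CVE-2007-2687 (MicroWorld Agent service) has no such neighbour and still needs its own triage.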
@@ -319,7 +667,7 @@
 	NOT-FOR-US: HP
 CVE-2007-2655 (Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before ...)
 	NOT-FOR-US: NetWin
-CVE-2007-2654 (xfs_fsr in xfsdump creates a temporary directory with insecure ...)
+CVE-2007-2654 (xfs_fsr in xfsdump creates a .fsr temporary directory with insecure ...)
 	- xfsdump 2.2.45-1 (bug #417894; low)
 CVE-2007-2653 (Unspecified vulnerability in Vim (Vi IMproved) before 7.1 has ...)
 	NOT-FOR-US: This is bogus, the annoucement refers to the recently discovered modelines issues	
@@ -596,8 +944,8 @@
 	NOT-FOR-US: E-GADS!
 CVE-2007-2520
 	RESERVED
-CVE-2007-2519
-	RESERVED
+CVE-2007-2519 (Directory traversal vulnerability in the installer in PEAR 1.0 through ...)
+	TODO: check
 CVE-2007-2518
 	REJECTED
 CVE-2007-2517
@@ -746,8 +1094,7 @@
 CVE-2007-2452
 	RESERVED
 	- findutils <unfixed> (low; bug #426862)
-CVE-2007-2451 [linux geode-aes security issue]
-	RESERVED
+CVE-2007-2451 (Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES ...)
 	- linux-2.6 2.6.21-3
 	[etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)
 CVE-2007-2450
@@ -890,16 +1237,16 @@
 	RESERVED
 CVE-2007-2391
 	RESERVED
-CVE-2007-2390
-	RESERVED
-CVE-2007-2389
-	RESERVED
-CVE-2007-2388
-	RESERVED
+CVE-2007-2390 (Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows ...)
+	TODO: check
+CVE-2007-2389 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear ...)
+	TODO: check
+CVE-2007-2388 (Unspecified vulnerability in Apple QuickTime for Java 7.1.6 on Mac OS ...)
+	TODO: check
 CVE-2007-2387
 	RESERVED
-CVE-2007-2386
-	RESERVED
+CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 ...)
+	TODO: check
 CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...)
 	TODO: check yui
 	NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
@@ -2077,8 +2424,7 @@
 CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
 	{DSA-1289-1}
 	- linux-2.6 2.6.21-1
-CVE-2007-1860 [Apache Tomcat JK Connector Information disclosure]
-	RESERVED
+CVE-2007-1860 (mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 ...)
 	- libapache-mod-jk <unfixed> (bug #425836)
 CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for ...)
 	- xscreensaver <unfixed> (low)
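Review bot: The replacement description for CVE-2007-1860 says the issue affects the JK connector "1.2.x before 1.2.23", but the package line kept under it still reads only "- libapache-mod-jk <unfixed> (bug #425836)". Consider adding a NOTE line that records 1.2.23 as the fixed upstream release, so whoever resolves the bug knows which version the <unfixed> marker is waiting on.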
@@ -3290,8 +3636,8 @@
 	NOT-FOR-US: DropAFew
 CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...)
 	NOT-FOR-US: DropAFew
-CVE-2007-1362
-	RESERVED
+CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+	TODO: check
 CVE-2007-1361 (Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in ...)
 	NOT-FOR-US: VirtueMart
 CVE-2007-1360 (Unspecified vulnerability in the Nodefamily module for Drupal 5.x ...)
@@ -5170,14 +5516,14 @@
 	RESERVED
 CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
 	NOT-FOR-US: Apple QuickTime
-CVE-2007-0753
-	RESERVED
-CVE-2007-0752
-	RESERVED
-CVE-2007-0751
-	RESERVED
-CVE-2007-0750
-	RESERVED
+CVE-2007-0753 (Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X ...)
+	TODO: check
+CVE-2007-0752 (The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the ...)
+	TODO: check
+CVE-2007-0751 (A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might ...)
+	TODO: check
+CVE-2007-0750 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 ...)
+	TODO: check
 CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function in ...)
 	NOT-FOR-US: Apple Darwin Streaming Server
 CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using ...)
@@ -5196,8 +5542,8 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-0741 (Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2007-0740
-	RESERVED
+CVE-2007-0740 (Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display ...)
+	TODO: check
 CVE-2007-0739 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-0738 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not ...)
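Review bot: CVE-2007-0740 goes in as "TODO: check", but its description is for Alias Manager in Apple Mac OS X, and both of its neighbours in this hunk (CVE-2007-0741 and CVE-2007-0739) are tagged "NOT-FOR-US: Apple Mac OS X". Suggest the same tag here rather than leaving an open TODO between two already triaged entries.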
@@ -5290,16 +5636,16 @@
 	NOT-FOR-US: Free LAN Intranet Portal
 CVE-2007-0695 (Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net ...)
 	NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0694
-	RESERVED
-CVE-2007-0693
-	RESERVED
-CVE-2007-0692
-	RESERVED
+CVE-2007-0694 (Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 ...)
+	TODO: check
+CVE-2007-0693 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
+	TODO: check
+CVE-2007-0692 (DGNews 2.1 allows remote attackers to obtain sensitive information via ...)
+	TODO: check
 CVE-2007-0691
 	REJECTED
-CVE-2007-0690
-	RESERVED
+CVE-2007-0690 (myEvent 1.6 allows remote attackers to obtain sensitive information ...)
+	TODO: check
 CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive information via ...)
 	NOT-FOR-US: MyBB (aka MyBulletinBoard)
 CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation ...)
@@ -5880,8 +6226,8 @@
 	- tomcat5.5 <unfixed> (medium)
 CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve ...)
 	NOT-FOR-US: CA BrightStor
-CVE-2007-0448
-	RESERVED
+CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI ...)
+	TODO: check
 CVE-2007-0447
 	RESERVED
 CVE-2007-0446 (Stack-based buffer overflow in magentproc.exe for Hewlett-Packard ...)
@@ -6157,8 +6503,8 @@
 	NOT-FOR-US: Ipswitch WS_FTP
 CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote ...)
 	NOT-FOR-US: Joonas Viljanen JV2 Folder Gallery
-CVE-2007-0328
-	RESERVED
+CVE-2007-0328 (The DWUpdateService ActiveX control in the agent (agent.exe) in ...)
+	TODO: check
 CVE-2007-0327
 	RESERVED
 CVE-2007-0326
@@ -6341,8 +6687,7 @@
 CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers ...)
 	- squid 2.6.5-4 (low)
 	[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-0246 [gforge-plugin-scmcvs missing input sanitising ]
-	RESERVED
+CVE-2007-0246 (plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 ...)
 	{DSA-1297-1}
 	- gforge-plugin-scmcvs 4.5.14-6
 CVE-2007-0245
@@ -13764,8 +14109,7 @@
 	NOT-FOR-US: NeoScale Systems CryptoStor
 CVE-2006-3895
 	RESERVED
-CVE-2006-3894
-	RESERVED
+CVE-2006-3894 (The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used ...)
 	NOT-FOR-US: RSA BSAFE
 CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...)
 	NOT-FOR-US: Newtone ImageKit



