[Secure-testing-commits] r6008 - data/CVE
fw at alioth.debian.org
Sat Jun 16 10:39:09 UTC 2007
Author: fw
Date: 2007-06-16 10:39:08 +0000 (Sat, 16 Jun 2007)
New Revision: 6008
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-16 10:38:52 UTC (rev 6007)
+++ data/CVE/list 2007-06-16 10:39:08 UTC (rev 6008)
@@ -178,17 +178,17 @@
- karrigell <unfixed> (bug #429207)
- jspwiki <unfixed> (bug #429206)
CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX ...)
- TODO: check
+ NOT-FOR-US: Internet Download Accelerator
CVE-2007-3161 (Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote ...)
- TODO: check
+ NOT-FOR-US: Ace-FTP Client
CVE-2007-3160 (PHP remote file inclusion vulnerability in admin/header.php in PHP ...)
- TODO: check
+ NOT-FOR-US: PHP Real Estate Classifieds Premium Plus
CVE-2007-3159 (http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: MiniWeb
CVE-2007-3158 (download_script.asp in ASP Folder Gallery allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: ASP Folder Gallery
CVE-2007-3157 (IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build ...)
- TODO: check
+ NOT-FOR-US: SafeNET
CVE-2007-3156 (Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi ...)
- webmin <removed>
CVE-2007-3155 (Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown ...)
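Review bot: The CVE-2007-3157 entry is tagged with the vendor only ("NOT-FOR-US: SafeNET"), while its description names the product, SafeNET High Assurance Remote, and the other entries in this hunk are tagged by product. Suggest "NOT-FOR-US: SafeNET High Assurance Remote" so that a later search of the list by product name finds it.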
@@ -199,21 +199,21 @@
- egroupware-core <unfixed> (bug #429215)
- gallery <unfixed> (bug #429213)
CVE-2007-3153 (The ares_init:randomize_key function in c-ares, on platforms other ...)
- TODO: check
+ NOT-FOR-US: c-ares
CVE-2007-3152 (c-ares before 1.4.0 uses a predictable seed for the random number ...)
- TODO: check
+ NOT-FOR-US: c-ares
CVE-2007-3151 (rpttop.htm in the web management interface in Packeteer PacketShaper ...)
- TODO: check
+ NOT-FOR-US: Packeteer PacketShaper
CVE-2007-3150 (Google Desktop allows user-assisted remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Google Desktop
CVE-2007-3149 (sudo, when linked with MIT Kerberos 5 (krb5), does not properly check ...)
TODO: check
CVE-2007-3148 (Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Yahoo! Webcam Viewer
CVE-2007-3147 (Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Yahoo! Webcam Upload
CVE-2007-3146 (Zen Help Desk 2.1 stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: Zen Help Desk
CVE-2007-3145 (Visual truncation vulnerability in Galeon 2.0.1 allows remote ...)
- galeon <unfixed> (low; bug #429216)
CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote ...)
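Review bot: CVE-2007-3153 and CVE-2007-3152 are marked "NOT-FOR-US: c-ares", but c-ares is a library, unlike the applications and appliances tagged in the rest of this hunk, so the issue can reach the archive through another package that bundles a copy. Before settling on NFU, check that no source package ships or embeds c-ares; if one does, a package line with <unfixed> is the better fit. CVE-2007-3149 (sudo) is still at "TODO: check" after this pass.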
@@ -225,31 +225,31 @@
CVE-2007-3143 (Visual truncation vulnerability in Konqueror 3.5.5 allows remote ...)
- kdebase <unfixed> (low)
CVE-2007-3142 (Visual truncation vulnerability in Opera 9.21 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2007-3141 (PHP remote file inclusion vulnerability in core/editor.php in ...)
- TODO: check
+ NOT-FOR-US: phpWebThings
CVE-2007-3140 (SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows ...)
- wordpress <unfixed> (bug #428073)
CVE-2007-3139 (config/general.php in Quick.Cart 2.2 and earlier uses a default ...)
- TODO: check
+ NOT-FOR-US: Quick.Cart
CVE-2007-3138 (Directory traversal vulnerability in index.php in Open Solution ...)
- TODO: check
+ NOT-FOR-US: Quick.Cart
CVE-2007-3137 (Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in ...)
- TODO: check
+ NOT-FOR-US: WmsCMS
CVE-2007-3136 (PHP remote file inclusion vulnerability in inc/nuke_include.php in ...)
- TODO: check
+ NOT-FOR-US: newsSync
CVE-2007-3135 (Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom ...)
- TODO: check
+ NOT-FOR-US: Atom Photoblog
CVE-2007-3134 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Atom PhotoBlog
CVE-2007-3133 (SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 ...)
- TODO: check
+ NOT-FOR-US: W1L3D4
CVE-2007-3132 (Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and ...)
- TODO: check
+ NOT-FOR-US: Symantec Ghost
CVE-2007-3131 (Cross-site scripting (XSS) vulnerability in add_comment.php in Light ...)
- TODO: check
+ NOT-FOR-US: Light Blog
CVE-2007-3130 (Multiple PHP remote file inclusion vulnerabilities in the OpenWiki ...)
- TODO: check
+ NOT-FOR-US: OpenWiki
CVE-2005-4845 (The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and ...)
TODO: check
CVE-2005-4844 (The CLSID_ApprenticeICW control allows remote attackers to cause a ...)
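Review bot: The same product is spelled two ways in adjacent entries, "NOT-FOR-US: Atom Photoblog" for CVE-2007-3135 and "NOT-FOR-US: Atom PhotoBlog" for CVE-2007-3134, which defeats a case-sensitive search of the list; pick one spelling for both. In the same spirit, CVE-2007-3133 is tagged "W1L3D4" although its description names the product as W1L3D4 WEBmarket, so the tag should carry the product name as well.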
@@ -273,7 +273,7 @@
CVE-2007-3125 (Format string vulnerability in the inputAnswer function in file.c in ...)
- w3m <unfixed> (medium)
CVE-2007-3124 (Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in ...)
- TODO: check
+ NOT-FOR-US: FreeVMS
CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
TODO: check
CVE-2007-3122 (The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...)
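Review bot: The CVE-2007-3124 tag "NOT-FOR-US: FreeVMS" names the project, while the description locates the overflow in backup/src/vmsbackup.c, "aka the backup utility". It is worth confirming that no package in the archive ships that backup utility source on its own before closing this as NFU, and noting the result in the entry if one is found.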