[Secure-testing-commits] r6017 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Sat Jun 16 11:50:14 UTC 2007
Author: fw
Date: 2007-06-16 11:50:14 +0000 (Sat, 16 Jun 2007)
New Revision: 6017
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-16 11:49:39 UTC (rev 6016)
+++ data/CVE/list 2007-06-16 11:50:14 UTC (rev 6017)
@@ -345,33 +345,33 @@
CVE-2007-3089 (Mozilla Firefox does not prevent use of document.write to replace an ...)
TODO: check
CVE-2007-3088 (SQL injection vulnerability in index.php in Comicsense allows remote ...)
- TODO: check
+ NOT-FOR-US: Comicsense
CVE-2007-3087 (Peercast places a cleartext password in a query string, which might ...)
- TODO: check
+ NOT-FOR-US: PeerCast
CVE-2007-3086 (Unrestricted critical resource lock in Agnitum Outpost Firewall PRO ...)
- TODO: check
+ NOT-FOR-US: Outpost Firewall PRO
CVE-2007-3085 (Multiple PHP remote file inclusion vulnerabilities in PBSite allow ...)
- TODO: check
+ NOT-FOR-US: PBSite
CVE-2007-3084 (PHP remote file inclusion vulnerability in sampleblogger.php in Comdev ...)
- TODO: check
+ NOT-FOR-US: Comdev Web Blogger
CVE-2007-3083 (Z-Blog 1.7 stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: Z-Blog
CVE-2007-3082 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 ...)
- TODO: check
+ NOT-FOR-US: Sendcard
CVE-2007-3081 (PHP remote file inclusion vulnerability in sampleecommerce.php in ...)
- TODO: check
+ NOT-FOR-US: Comdev eCommerce
CVE-2007-3080 (SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly ...)
- TODO: check
+ NOT-FOR-US: Hunkaray Okul Portaly
CVE-2007-3079 (listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: EQdkp
CVE-2007-3078 (Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before ...)
- TODO: check
+ NOT-FOR-US: Aigaion
CVE-2007-3077 (SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and ...)
- TODO: check
+ NOT-FOR-US: EQdkp
CVE-2007-3076 (A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker ...)
- TODO: check
+ NOT-FOR-US: Zenturi ProgramChecker
CVE-2007-3075 (Directory traversal vulnerability in Microsoft Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read ...)
TODO: check
CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...)
@@ -379,65 +379,65 @@
CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
TODO: check
CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...)
- TODO: check
+ NOT-FOR-US: eSellerate
CVE-2007-3070 (Cross-site scripting (XSS) vulnerability in index.php in BDigital Web ...)
- TODO: check
+ NOT-FOR-US: BDigital Web Solutions WebStudio
CVE-2007-3069 (xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2007-3068 (Stack-based buffer overflow in DVD X Player 4.1 Professional allows ...)
- TODO: check
+ NOT-FOR-US: DVD X Player
CVE-2007-3067 (Cross-site scripting (XSS) vulnerability in the Attunement and Key ...)
- TODO: check
+ NOT-FOR-US: EQdkp
CVE-2007-3066 (Multiple PHP remote file inclusion vulnerabilities in php(Reactor) ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2007-3065 (SQL injection vulnerability in viewimage.php in Particle Soft Particle ...)
- TODO: check
+ NOT-FOR-US: Particle Gallery
CVE-2007-3064 (Cross-site scripting (XSS) vulnerability in diary.php in My Databook ...)
- TODO: check
+ NOT-FOR-US: My Datebook
CVE-2007-3063 (SQL injection vulnerability in diary.php in My Databook allows remote ...)
- TODO: check
+ NOT-FOR-US: My Datebook
CVE-2007-3062 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2007-3061 (Cactushop 6 and earlier stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: Cactushop
CVE-2007-3060 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
TODO: check
CVE-2007-3059 (SendCard 3.3.0 allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: SendCard
CVE-2007-3058 (Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail ...)
- TODO: check
+ NOT-FOR-US: Madirish Webmail
CVE-2007-3057 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2007-3056 (Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN ...)
TODO: check
CVE-2007-3055 (Cross-site scripting (XSS) vulnerability in index.php in Codelib ...)
- TODO: check
+ NOT-FOR-US: Codelib Linker
CVE-2007-3054 (Cross-site scripting (XSS) vulnerability in search.php in Codelib ...)
- TODO: check
+ NOT-FOR-US: Codelib Linker
CVE-2007-3053 (Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier ...)
- TODO: check
+ NOT-FOR-US: Calimero
CVE-2007-3052 (SQL injection vulnerability in index.php in the PNphpBB2 1.2i and ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2007-3051 (SQL injection vulnerability in inc/class_users.php in RevokeSoft ...)
- TODO: check
+ NOT-FOR-US: RevokeSoft RevokeBB
CVE-2007-3050 (Session fixation vulnerability in chameleon cms 3.0 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: chameleon cms
CVE-2007-3049 (Cross-site scripting (XSS) vulnerability in index.php in Buttercup web ...)
- TODO: check
+ NOT-FOR-US: Buttercup BWFM
CVE-2007-3048 (** DISPUTED ** ...)
- screen <not-affected> (not reproducible)
CVE-2007-3047 (The Vonage VoIP Telephone Adapter has a default administrator username ...)
- TODO: check
+ NOT-FOR-US: Vonage
CVE-2007-3046 (Buffer overflow in Advanced Software Production Line Vortex Library ...)
- TODO: check
+ NOT-FOR-US: Advanced Software Production Line Vortex Library
CVE-2007-3045 (Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on ...)
- TODO: check
+ NOT-FOR-US: Hitachi TP1
CVE-2007-3044 (Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2007-3043 (Cross-site scripting (XSS) vulnerability in Collaboration - File ...)
- TODO: check
+ NOT-FOR-US: Hitachi Collaboration
CVE-2007-3042 (Cross-site scripting (XSS) vulnerability in Meneame before 2 allows ...)
- TODO: check
+ NOT-FOR-US: Meneame
CVE-2007-3041
RESERVED
CVE-2007-3040
@@ -467,7 +467,7 @@
CVE-2007-3028
RESERVED
CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3026
RESERVED
CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...)
@@ -477,9 +477,9 @@
CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not ...)
- clamav 0.90.3-1
CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2007-3021 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2007-3020
RESERVED
CVE-2007-3019
@@ -503,81 +503,81 @@
CVE-2007-3010
RESERVED
CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)
- TODO: check
+ NOT-FOR-US: Mbedthis AppWeb
CVE-2007-3008 (Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has ...)
- TODO: check
+ NOT-FOR-US: Mbedthis AppWeb
CVE-2007-3007 (PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode ...)
- php5 5.2.3-1 (unimportant)
CVE-2007-3006 (Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted ...)
- TODO: check
+ NOT-FOR-US: Acoustica MP3 CD Burner
CVE-2007-3005 (Unspecified vulnerability in the Sun Java Runtime Environment in JDK ...)
TODO: check
CVE-2007-3004 (Buffer overflow in the image parsing implementation in the Sun Java ...)
TODO: check
CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...)
- TODO: check
+ NOT-FOR-US: myBloggie
CVE-2007-3002 (PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: PHP JackKnife
CVE-2007-3001 (Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife ...)
- TODO: check
+ NOT-FOR-US: PHP JackKnife
CVE-2007-3000 (Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow ...)
- TODO: check
+ NOT-FOR-US: PHP JackKnife
CVE-2007-2999 (Microsoft Windows Server 2003, when time restrictions are in effect ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-2998 (The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS ...)
- TODO: check
+ NOT-FOR-US: OpenVMS
CVE-2007-2997 (Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in ...)
- TODO: check
+ NOT-FOR-US: SalesCart Shopping Cart
CVE-2007-2996 (Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2007-2995 (Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2007-2994 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: DGNews
CVE-2007-2993 (Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in ...)
- TODO: check
+ NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
CVE-2007-2992 (Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka ...)
- TODO: check
+ NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
CVE-2007-2991 (Cross-site scripting (XSS) vulnerability in includes/send.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Evenzia CMS
CVE-2007-2990 (Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2007-2989 (The libike library in Sun Solaris 9 before 20070529 contains a logic ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2007-2988 (A certain admin script in Inout Meta Search Engine sends a redirect to ...)
- TODO: check
+ NOT-FOR-US: Inout Meta Search Engine
CVE-2007-2987 (Multiple buffer overflows in certain ActiveX controls in sasatl.dll in ...)
- TODO: check
+ NOT-FOR-US: Zenturi ProgramChecker
CVE-2007-2986 (PHP remote file inclusion vulnerability in lib/live_status.lib.php in ...)
- TODO: check
+ NOT-FOR-US: AdminBot
CVE-2007-2985 (Pheap 2.0 allows remote attackers to bypass authentication by setting ...)
- TODO: check
+ NOT-FOR-US: Pheap
CVE-2007-2984 (Multiple stack-based buffer overflows in the Media Technology Group ...)
- TODO: check
+ NOT-FOR-US: Media Technology Group CDPass
CVE-2007-2982 (Multiple buffer overflows in the British Telecommunications Business ...)
- TODO: check
+ NOT-FOR-US: British Telecommunications Business Connect
CVE-2007-2981 (Buffer overflow in a certain ActiveX control in LEAD Technologies ...)
- TODO: check
+ NOT-FOR-US: LeadTools
CVE-2007-2980 (Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS ...)
- TODO: check
+ NOT-FOR-US: LeadTools
CVE-2007-2979 (Techno Dreams Web Directory / Search Engine 2.0 stores sensitive ...)
- TODO: check
+ NOT-FOR-US: Techno Dreams Web Directory / Search Engine
CVE-2007-2978 (Session fixation vulnerability in eggblog 3.1.0 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: eggblog
CVE-2007-2977 (Buffer overflow in the receive function in submit/submitcommon.c in ...)
- TODO: check
+ NOT-FOR-US: DOMjudge
CVE-2007-2976 (Centrinity FirstClass 8.3 and earlier, and Server and Internet ...)
- TODO: check
+ NOT-FOR-US: Centrinity
CVE-2007-2975 (Unspecified vulnerability in the built-in admin console in Ignite ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime
CVE-2007-2974 (Buffer overflow in the file parsing engine in Avira Antivir Antivirus ...)
- TODO: check
+ NOT-FOR-US: Avira Antivirus
CVE-2007-2973 (Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Avira Antivirus
CVE-2007-2972 (The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 ...)
- TODO: check
+ NOT-FOR-US: Avira Antivirus
CVE-2007-2971 (SQL injection vulnerability in getnewsitem.php in gCards 1.46 and ...)
- TODO: check
+ NOT-FOR-US: gCards
CVE-2007-2970 (Multiple cross-site scripting (XSS) vulnerabilities in cgi/block.cgi ...)
TODO: check
CVE-2007-2969 (PHP remote file inclusion vulnerability in newsletter.php in ...)
More information about the Secure-testing-commits
mailing list