[Secure-testing-commits] r6017 - data/CVE

fw at alioth.debian.org fw at alioth.debian.org
Sat Jun 16 11:50:14 UTC 2007


Author: fw
Date: 2007-06-16 11:50:14 +0000 (Sat, 16 Jun 2007)
New Revision: 6017

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-16 11:49:39 UTC (rev 6016)
+++ data/CVE/list	2007-06-16 11:50:14 UTC (rev 6017)
@@ -345,33 +345,33 @@
 CVE-2007-3089 (Mozilla Firefox does not prevent use of document.write to replace an ...)
 	TODO: check
 CVE-2007-3088 (SQL injection vulnerability in index.php in Comicsense allows remote ...)
-	TODO: check
+	NOT-FOR-US: Comicsense
 CVE-2007-3087 (Peercast places a cleartext password in a query string, which might ...)
-	TODO: check
+	NOT-FOR-US: PeerCast
 CVE-2007-3086 (Unrestricted critical resource lock in Agnitum Outpost Firewall PRO ...)
-	TODO: check
+	NOT-FOR-US: Outpost Firewall PRO
 CVE-2007-3085 (Multiple PHP remote file inclusion vulnerabilities in PBSite allow ...)
-	TODO: check
+	NOT-FOR-US: PBSite
 CVE-2007-3084 (PHP remote file inclusion vulnerability in sampleblogger.php in Comdev ...)
-	TODO: check
+	NOT-FOR-US: Comdev Web Blogger
 CVE-2007-3083 (Z-Blog 1.7 stores sensitive information under the web root with ...)
-	TODO: check
+	NOT-FOR-US: Z-Blog
 CVE-2007-3082 (Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 ...)
-	TODO: check
+	NOT-FOR-US: Sendcard
 CVE-2007-3081 (PHP remote file inclusion vulnerability in sampleecommerce.php in ...)
-	TODO: check
+	NOT-FOR-US: Comdev eCommerce
 CVE-2007-3080 (SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly ...)
-	TODO: check
+	NOT-FOR-US: Hunkaray Okul Portaly
 CVE-2007-3079 (listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: EQdkp
 CVE-2007-3078 (Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before ...)
-	TODO: check
+	NOT-FOR-US: Aigaion
 CVE-2007-3077 (SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and ...)
-	TODO: check
+	NOT-FOR-US: EQdkp
 CVE-2007-3076 (A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker ...)
-	TODO: check
+	NOT-FOR-US: Zenturi ProgramChecker
 CVE-2007-3075 (Directory traversal vulnerability in Microsoft Internet Explorer ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read ...)
 	TODO: check
 CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...)
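Review bot: the tag on CVE-2007-3082 is spelled "Sendcard", while CVE-2007-3059 further down in this same commit uses "SendCard" for what the descriptions show to be the same product. Pick one spelling for both entries so that a case-sensitive search of the list for the product finds every entry. The description text itself uses "Sendcard" for 3.4.1 and "SendCard" for 3.3.0, so the tag is the only place this can be normalised.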
@@ -379,65 +379,65 @@
 CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
 	TODO: check
 CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...)
-	TODO: check
+	NOT-FOR-US: eSellerate
 CVE-2007-3070 (Cross-site scripting (XSS) vulnerability in index.php in BDigital Web ...)
-	TODO: check
+	NOT-FOR-US: BDigital Web Solutions WebStudio
 CVE-2007-3069 (xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-3068 (Stack-based buffer overflow in DVD X Player 4.1 Professional allows ...)
-	TODO: check
+	NOT-FOR-US: DVD X Player
 CVE-2007-3067 (Cross-site scripting (XSS) vulnerability in the Attunement and Key ...)
-	TODO: check
+	NOT-FOR-US: EQdkp
 CVE-2007-3066 (Multiple PHP remote file inclusion vulnerabilities in php(Reactor) ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-3065 (SQL injection vulnerability in viewimage.php in Particle Soft Particle ...)
-	TODO: check
+	NOT-FOR-US: Particle Gallery
 CVE-2007-3064 (Cross-site scripting (XSS) vulnerability in diary.php in My Databook ...)
-	TODO: check
+	NOT-FOR-US: My Datebook
 CVE-2007-3063 (SQL injection vulnerability in diary.php in My Databook allows remote ...)
-	TODO: check
+	NOT-FOR-US: My Datebook
 CVE-2007-3062 (Cross-site scripting (XSS) vulnerability in HP System Management ...)
-	TODO: check
+	NOT-FOR-US: HP System Management Homepage
 CVE-2007-3061 (Cactushop 6 and earlier stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: Cactushop
 CVE-2007-3060 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 ...)
 	TODO: check
 CVE-2007-3059 (SendCard 3.3.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: SendCard
 CVE-2007-3058 (Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail ...)
-	TODO: check
+	NOT-FOR-US: Madirish Webmail
 CVE-2007-3057 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: XOOPS
 CVE-2007-3056 (Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN ...)
 	TODO: check
 CVE-2007-3055 (Cross-site scripting (XSS) vulnerability in index.php in Codelib ...)
-	TODO: check
+	NOT-FOR-US: Codelib Linker
 CVE-2007-3054 (Cross-site scripting (XSS) vulnerability in search.php in Codelib ...)
-	TODO: check
+	NOT-FOR-US: Codelib Linker
 CVE-2007-3053 (Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Calimero
 CVE-2007-3052 (SQL injection vulnerability in index.php in the PNphpBB2 1.2i and ...)
-	TODO: check
+	NOT-FOR-US: PostNuke
 CVE-2007-3051 (SQL injection vulnerability in inc/class_users.php in RevokeSoft ...)
-	TODO: check
+	NOT-FOR-US: RevokeSoft RevokeBB
 CVE-2007-3050 (Session fixation vulnerability in chameleon cms 3.0 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: chameleon cms
 CVE-2007-3049 (Cross-site scripting (XSS) vulnerability in index.php in Buttercup web ...)
-	TODO: check
+	NOT-FOR-US: Buttercup BWFM
 CVE-2007-3048 (** DISPUTED ** ...)
 	- screen <not-affected> (not reproducible)
 CVE-2007-3047 (The Vonage VoIP Telephone Adapter has a default administrator username ...)
-	TODO: check
+	NOT-FOR-US: Vonage
 CVE-2007-3046 (Buffer overflow in Advanced Software Production Line Vortex Library ...)
-	TODO: check
+	NOT-FOR-US: Advanced Software Production Line Vortex Library
 CVE-2007-3045 (Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on ...)
-	TODO: check
+	NOT-FOR-US: Hitachi TP1
 CVE-2007-3044 (Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2007-3043 (Cross-site scripting (XSS) vulnerability in Collaboration - File ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Collaboration
 CVE-2007-3042 (Cross-site scripting (XSS) vulnerability in Meneame before 2 allows ...)
-	TODO: check
+	NOT-FOR-US: Meneame
 CVE-2007-3041
 	RESERVED
 CVE-2007-3040
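Review bot: the tag on CVE-2007-3066 does not match its description. The entry reads "Multiple PHP remote file inclusion vulnerabilities in php(Reactor) ..." but is marked "NOT-FOR-US: IBM DB2", which looks like a paste from a different entry; it should name php(Reactor) if that is indeed not packaged. A smaller point in the same hunk: CVE-2007-3064 and CVE-2007-3063 are tagged "My Datebook" while both descriptions say "My Databook", so one of the two spellings needs checking against the upstream name.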
@@ -467,7 +467,7 @@
 CVE-2007-3028
 	RESERVED
 CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-3026
 	RESERVED
 CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...)
@@ -477,9 +477,9 @@
 CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not ...)
 	- clamav 0.90.3-1
 CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2007-3021 (Symantec Reporting Server 1.0.197.0, and other versions before ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2007-3020
 	RESERVED
 CVE-2007-3019
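Review bot: CVE-2007-3022 and CVE-2007-3021 are tagged with the vendor only ("NOT-FOR-US: Symantec"), although both descriptions identify the product as Symantec Reporting Server. Naming the product, as most other entries in this commit do, keeps the tag meaningful if another Symantec item ever needs separate handling.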
@@ -503,81 +503,81 @@
 CVE-2007-3010
 	RESERVED
 CVE-2007-3009 (Format string vulnerability in the MprLogToFile::logEvent function in ...)
-	TODO: check
+	NOT-FOR-US: Mbedthis AppWeb
 CVE-2007-3008 (Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has ...)
-	TODO: check
+	NOT-FOR-US: Mbedthis AppWeb
 CVE-2007-3007 (PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode ...)
 	- php5 5.2.3-1 (unimportant)
 CVE-2007-3006 (Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted ...)
-	TODO: check
+	NOT-FOR-US: Acoustica MP3 CD Burner
 CVE-2007-3005 (Unspecified vulnerability in the Sun Java Runtime Environment in JDK ...)
 	TODO: check
 CVE-2007-3004 (Buffer overflow in the image parsing implementation in the Sun Java ...)
 	TODO: check
 CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...)
-	TODO: check
+	NOT-FOR-US: myBloggie
 CVE-2007-3002 (PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: PHP JackKnife
 CVE-2007-3001 (Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife ...)
-	TODO: check
+	NOT-FOR-US: PHP JackKnife
 CVE-2007-3000 (Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow ...)
-	TODO: check
+	NOT-FOR-US: PHP JackKnife
 CVE-2007-2999 (Microsoft Windows Server 2003, when time restrictions are in effect ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2007-2998 (The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS ...)
-	TODO: check
+	NOT-FOR-US: OpenVMS
 CVE-2007-2997 (Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in ...)
-	TODO: check
+	NOT-FOR-US: SalesCart Shopping Cart
 CVE-2007-2996 (Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-2995 (Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-2994 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
-	TODO: check
+	NOT-FOR-US: DGNews
 CVE-2007-2993 (Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in ...)
-	TODO: check
+	NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
 CVE-2007-2992 (Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka ...)
-	TODO: check
+	NOT-FOR-US: OMEGA INterneSErvicesLosungen (INSEL)
 CVE-2007-2991 (Cross-site scripting (XSS) vulnerability in includes/send.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: Evenzia CMS
 CVE-2007-2990 (Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-2989 (The libike library in Sun Solaris 9 before 20070529 contains a logic ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-2988 (A certain admin script in Inout Meta Search Engine sends a redirect to ...)
-	TODO: check
+	NOT-FOR-US: Inout Meta Search Engine
 CVE-2007-2987 (Multiple buffer overflows in certain ActiveX controls in sasatl.dll in ...)
-	TODO: check
+	NOT-FOR-US: Zenturi ProgramChecker
 CVE-2007-2986 (PHP remote file inclusion vulnerability in lib/live_status.lib.php in ...)
-	TODO: check
+	NOT-FOR-US: AdminBot
 CVE-2007-2985 (Pheap 2.0 allows remote attackers to bypass authentication by setting ...)
-	TODO: check
+	NOT-FOR-US: Pheap
 CVE-2007-2984 (Multiple stack-based buffer overflows in the Media Technology Group ...)
-	TODO: check
+	NOT-FOR-US: Media Technology Group CDPass
 CVE-2007-2982 (Multiple buffer overflows in the British Telecommunications Business ...)
-	TODO: check
+	NOT-FOR-US: British Telecommunications Business Connect
 CVE-2007-2981 (Buffer overflow in a certain ActiveX control in LEAD Technologies ...)
-	TODO: check
+	NOT-FOR-US: LeadTools
 CVE-2007-2980 (Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS ...)
-	TODO: check
+	NOT-FOR-US: LeadTools
 CVE-2007-2979 (Techno Dreams Web Directory / Search Engine 2.0 stores sensitive ...)
-	TODO: check
+	NOT-FOR-US: Techno Dreams Web Directory / Search Engine
 CVE-2007-2978 (Session fixation vulnerability in eggblog 3.1.0 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: eggblog
 CVE-2007-2977 (Buffer overflow in the receive function in submit/submitcommon.c in ...)
-	TODO: check
+	NOT-FOR-US: DOMjudge
 CVE-2007-2976 (Centrinity FirstClass 8.3 and earlier, and Server and Internet ...)
-	TODO: check
+	NOT-FOR-US: Centrinity
 CVE-2007-2975 (Unspecified vulnerability in the built-in admin console in Ignite ...)
-	TODO: check
+	NOT-FOR-US: Ignite Realtime
 CVE-2007-2974 (Buffer overflow in the file parsing engine in Avira Antivir Antivirus ...)
-	TODO: check
+	NOT-FOR-US: Avira Antivirus
 CVE-2007-2973 (Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Avira Antivirus
 CVE-2007-2972 (The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 ...)
-	TODO: check
+	NOT-FOR-US: Avira Antivirus
 CVE-2007-2971 (SQL injection vulnerability in getnewsitem.php in gCards 1.46 and ...)
-	TODO: check
+	NOT-FOR-US: gCards
 CVE-2007-2970 (Multiple cross-site scripting (XSS) vulnerabilities in cgi/block.cgi ...)
 	TODO: check
 CVE-2007-2969 (PHP remote file inclusion vulnerability in newsletter.php in ...)
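Review bot: several tags in this hunk name only the vendor where the description gives a product. CVE-2007-2999 is "NOT-FOR-US: Microsoft" even though the Internet Explorer entries in this commit use "Microsoft Internet Explorer" and the description here says Microsoft Windows Server 2003; CVE-2007-2976 is "Centrinity" where the description says Centrinity FirstClass. Product-level tags would be consistent with the rest of the change. Also, CVE-2007-2981 and CVE-2007-2980 are tagged "LeadTools" while the visible description of CVE-2007-2980 spells it "LEADTOOLS"; matching the description's spelling makes the entries easier to find.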



