[Secure-testing-commits] r6057 - data/CVE
micah at alioth.debian.org
micah at alioth.debian.org
Mon Jun 25 07:35:57 UTC 2007
Author: micah
Date: 2007-06-25 07:35:56 +0000 (Mon, 25 Jun 2007)
New Revision: 6057
Modified:
data/CVE/list
Log:
bunch of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-25 04:02:13 UTC (rev 6056)
+++ data/CVE/list 2007-06-25 07:35:56 UTC (rev 6057)
@@ -8,85 +8,85 @@
CVE-2007-3370 (Multiple PHP remote file inclusion vulnerabilities in Sun Board ...)
TODO: check
CVE-2007-3369 (Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with ...)
- TODO: check
+ NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
CVE-2007-3368 (Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 ...)
- TODO: check
+ NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
CVE-2007-3367 (Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2007-3366 (Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2007-3365 (MyServer 0.8.9 and earlier does not properly handle uppercase ...)
- TODO: check
+ NOT-FOR-US: MyServer
CVE-2007-3364 (Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi ...)
- TODO: check
+ NOT-FOR-US: MyServer
CVE-2007-3363 (Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 ...)
- TODO: check
+ NOT-FOR-US: AGEphone
CVE-2007-3362 (ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC ...)
- TODO: check
+ NOT-FOR-US: AGEphone
CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows ...)
- TODO: check
+ NOT-FOR-US: Nortel PC Client SIP Soft Phone
CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute ...)
TODO: check
CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and ...)
- TODO: check
+ NOT-FOR-US: SerWeb
CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php in ...)
- TODO: check
+ NOT-FOR-US: SerWeb
CVE-2007-3357 (NetClassifieds Premium Edition does not use encryption for (1) stored ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3356 (NetClassifieds Premium Edition allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3355 (Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3354 (Multiple SQL injection vulnerabilities in NetClassifieds Premium ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3353 (** DISPUTED ** ...)
TODO: check
CVE-2007-3352 (Cross-site scripting (XSS) vulnerability in the preview form in ...)
- TODO: check
+ NOT-FOR-US: Stephen Ostermiller Contact Form
CVE-2007-3351 (The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim ...)
TODO: check
CVE-2007-3350 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...)
- TODO: check
+ NOT-FOR-US: AIM
CVE-2007-3349 (The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version ...)
- TODO: check
+ NOT-FOR-US: Aastra 9112i SIP Phone
CVE-2007-3348 (The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: D-Link DPH-540/DPH-541 phone
CVE-2007-3347 (The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are ...)
- TODO: check
+ NOT-FOR-US: D-Link DPH-540/DPH-541 phone
CVE-2007-3346 (Directory traversal vulnerability in index.php in PHPAccounts 0.5 ...)
- TODO: check
+ NOT-FOR-US: PHPAccounts
CVE-2007-3345 (Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 ...)
- TODO: check
+ NOT-FOR-US: PHPAccounts
CVE-2007-3344 (Multiple cross-site scripting (XSS) vulnerabilities in netjukebox ...)
- TODO: check
+ NOT-FOR-US: netjukebox
CVE-2007-3343 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD before 2.0.14 ...)
- TODO: check
+ NOT-FOR-US: RaidenHTTPD
CVE-2007-3342 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type ...)
TODO: check
CVE-2007-3341 (Unspecified vulnerability in the FTP implementation in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-3340 (HTTP SERVER 1.6.2 allows remote attackers to cause a denial of service ...)
TODO: check
CVE-2007-3339 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2007-3338 (Multiple buffer stack-based overflows in Ingres database server 2006 ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3337 (wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3336 (Multiple "pointer overwrite" vulnerabilities in Ingres database server ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3335 (Multiple SQL injection vulnerabilities in the admin panel in PHPEcho ...)
- TODO: check
+ NOT-FOR-US: PHPEcho CMS
CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3333
RESERVED
CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...)
TODO: check
CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...)
- TODO: check
+ NOT-FOR-US: STphp EasyNews PRO
CVE-2007-3330 (Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 ...)
- TODO: check
+ NOT-FOR-US: STphp EasyNews PRO
CVE-2007-3329 (Multiple array index errors in the (1) get_intra_block, (2) ...)
TODO: check
CVE-2007-3328 (Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 ...)
@@ -94,13 +94,13 @@
CVE-2007-3327 (httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain ...)
TODO: check
CVE-2007-3326 (Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2007-3325 (PHP remote file inclusion vulnerability in lib/language.php in LAN ...)
TODO: check
CVE-2007-3324 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart ...)
- TODO: check
+ NOT-FOR-US: Comersus Cart
CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp in ...)
- TODO: check
+ NOT-FOR-US: Comersus Shop Cart
CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow remote ...)
TODO: check
CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
@@ -133,17 +133,17 @@
CVE-2007-3311 (SQL injection vulnerability in print.php in the Articles 1.02 and ...)
NOT-FOR-US: Articles
CVE-2007-3310 (Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows ...)
- TODO: check
+ NOT-FOR-US: TDizin
CVE-2007-3309 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows ...)
- TODO: check
+ NOT-FOR-US: Simple Machines Forum
CVE-2007-3308 (Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with ...)
- TODO: check
+ NOT-FOR-US: Simple Machines Forum
CVE-2007-3307 (SQL injection vulnerability in game_listing.php in Solar Empire ...)
- TODO: check
+ NOT-FOR-US: Solar Empire
CVE-2007-3306 (PHP remote file inclusion vulnerability in crontab/run_billing.php in ...)
- TODO: check
+ NOT-FOR-US: MiniBill
CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x before ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2007-3304 (Apache httpd 1.3.37, and 2.0.59 and 2.2.4 with the Prefork MPM module, ...)
TODO: check
CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows ...)
@@ -151,15 +151,15 @@
CVE-2007-3302
RESERVED
CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in ...)
- TODO: check
+ NOT-FOR-US: FuseTalk
CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
TODO: check
CVE-2007-3299 (Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when ...)
TODO: check
CVE-2007-3298 (SQL injection vulnerability in Spey before 0.4.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: Spey
CVE-2007-3297 (Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow ...)
- TODO: check
+ NOT-FOR-US: Musoo
CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web ...)
TODO: check
CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board (YaBB) ...)
More information about the Secure-testing-commits
mailing list