[Secure-testing-commits] r5513 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Mar 5 22:14:18 CET 2007
Author: joeyh
Date: 2007-03-05 21:14:14 +0000 (Mon, 05 Mar 2007)
New Revision: 5513
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-03-05 20:30:07 UTC (rev 5512)
+++ data/CVE/list 2007-03-05 21:14:14 UTC (rev 5513)
@@ -1,4 +1,266 @@
-CVE-2007-1218 [tcpdump 802.11 off-by-one]
+CVE-2007-1273
+ RESERVED
+CVE-2007-1272
+ RESERVED
+CVE-2007-1271
+ RESERVED
+CVE-2007-1270
+ RESERVED
+CVE-2007-1269
+ RESERVED
+CVE-2007-1268
+ RESERVED
+CVE-2007-1267
+ RESERVED
+CVE-2007-1266
+ RESERVED
+CVE-2007-1265
+ RESERVED
+CVE-2007-1264
+ RESERVED
+CVE-2007-1263
+ RESERVED
+CVE-2007-1262
+ RESERVED
+CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before ...)
+ TODO: check
+CVE-2007-1260 (Stack-based buffer overflow in the connectHandle function in ...)
+ TODO: check
+CVE-2007-1259 (Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have ...)
+ TODO: check
+CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and ...)
+ TODO: check
+CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...)
+ TODO: check
+CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...)
+ TODO: check
+CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...)
+ TODO: check
+CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix ...)
+ TODO: check
+CVE-2007-1253 (Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script ...)
+ TODO: check
+CVE-2007-1252 (Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch ...)
+ TODO: check
+CVE-2007-1251 (Format string vulnerability in the new_warning function in ...)
+ TODO: check
+CVE-2007-1250 (SQL injection vulnerability in section/default.asp in ANGEL Learning ...)
+ TODO: check
+CVE-2007-1249 (MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 ...)
+ TODO: check
+CVE-2007-1248 (Multiple cross-site scripting (XSS) vulnerabilities in built2go News ...)
+ TODO: check
+CVE-2007-1247 (Multiple PHP remote file inclusion vulnerabilities in aWeb Labs ...)
+ TODO: check
+CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...)
+ TODO: check
+CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in ...)
+ TODO: check
+CVE-2007-1243 (Audins Audiens 3.3 allows remote attackers to bypass authentication ...)
+ TODO: check
+CVE-2007-1242 (SQL injection vulnerability in system/index.php in Audins Audiens 3.3 ...)
+ TODO: check
+CVE-2007-1241 (Cross-site scripting (XSS) vulnerability in setup.php in Audins ...)
+ TODO: check
+CVE-2007-1240 (Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS ...)
+ TODO: check
+CVE-2007-1239 (Microsoft Excel 2003 does not properly parse .XLS files, which allows ...)
+ TODO: check
+CVE-2007-1238 (Microsoft Office 2003 allows user-assisted remote attackers to cause a ...)
+ TODO: check
+CVE-2007-1237 (sitex allows remote attackers to obtain potentially sensitive ...)
+ TODO: check
+CVE-2007-1236 (sitex allows remote attackers to obtain sensitive information via a ...)
+ TODO: check
+CVE-2007-1235 (Unrestricted file upload vulnerability in sitex allows remote ...)
+ TODO: check
+CVE-2007-1234 (Multiple cross-site scripting (XSS) vulnerabilities in sitex allow ...)
+ TODO: check
+CVE-2007-1233 (PHP remote file inclusion vulnerability in downloadcounter.php in ...)
+ TODO: check
+CVE-2007-1232 (Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote ...)
+ TODO: check
+CVE-2007-1231 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...)
+ TODO: check
+CVE-2007-1230 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2007-1229 (Cross-site scripting (XSS) vulnerability in the Nullsoft ...)
+ TODO: check
+CVE-2007-1228 (IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix ...)
+ TODO: check
+CVE-2007-1227 (VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 ...)
+ TODO: check
+CVE-2007-1226 (McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak ...)
+ TODO: check
+CVE-2007-1225 (The connection log file implementation in Grok Developments NetProxy ...)
+ TODO: check
+CVE-2007-1224 (Grok Developments NetProxy 4.03 allows remote attackers to bypass URL ...)
+ TODO: check
+CVE-2007-1223 (Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows ...)
+ TODO: check
+CVE-2007-1222 (Parallels Desktop for Mac before 20070216 implements Drag and Drop by ...)
+ TODO: check
+CVE-2007-1221 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows ...)
+ TODO: check
+CVE-2007-1220 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not ...)
+ TODO: check
+CVE-2007-1219 (PHP remote file inclusion vulnerability in actions/del.php in Admin ...)
+ TODO: check
+CVE-2007-1217 (Buffer overflow in the bufprint function in capiutil.c in libcapi, as ...)
+ TODO: check
+CVE-2007-1216
+ RESERVED
+CVE-2007-1215
+ RESERVED
+CVE-2007-1214
+ RESERVED
+CVE-2007-1213
+ RESERVED
+CVE-2007-1212
+ RESERVED
+CVE-2007-1211
+ RESERVED
+CVE-2007-1210
+ RESERVED
+CVE-2007-1209
+ RESERVED
+CVE-2007-1208
+ RESERVED
+CVE-2007-1207
+ RESERVED
+CVE-2007-1206
+ RESERVED
+CVE-2007-1205
+ RESERVED
+CVE-2007-1204
+ RESERVED
+CVE-2007-1203
+ RESERVED
+CVE-2007-1202
+ RESERVED
+CVE-2007-1201
+ RESERVED
+CVE-2007-1200
+ RESERVED
+CVE-2007-1199 (Adobe Reader and Acrobat Trial allow remote attackers to read ...)
+ TODO: check
+CVE-2007-1198 (Cross-site scripting (XSS) vulnerability in TaskFreak! before 0.5.7 ...)
+ TODO: check
+CVE-2007-1197 (Multiple unspecified vulnerabilities in Epiware before 4.7.5 have ...)
+ TODO: check
+CVE-2007-1196 (Unspecified vulnerability in Citrix Presentation Server Client for ...)
+ TODO: check
+CVE-2007-1195 (Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow ...)
+ TODO: check
+CVE-2007-1194 (Norman SandBox Analyzer does not use the proper range for Interrupt ...)
+ TODO: check
+CVE-2007-1193 (Multiple unspecified vulnerabilities in the Login page in OrangeHRM ...)
+ TODO: check
+CVE-2007-1192 (Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive ...)
+ TODO: check
+CVE-2007-1191 (The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes ...)
+ TODO: check
+CVE-2007-1190 (Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX ...)
+ TODO: check
+CVE-2007-1189 (Integer overflow in the envwrite function in the Alcatel-Lucent Bell ...)
+ TODO: check
+CVE-2007-1188 (WebAPP before 0.9.9.5 allows remote attackers to submit Search form ...)
+ TODO: check
+CVE-2007-1187 (WebAPP before 0.9.9.5 allows remote authenticated users, without admin ...)
+ TODO: check
+CVE-2007-1186 (WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, ...)
+ TODO: check
+CVE-2007-1185 (The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval ...)
+ TODO: check
+CVE-2007-1184 (The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA ...)
+ TODO: check
+CVE-2007-1183 (WebAPP before 0.9.9.5 allows remote authenticated users to spoof ...)
+ TODO: check
+CVE-2007-1182 (WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest ...)
+ TODO: check
+CVE-2007-1181 (WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the ...)
+ TODO: check
+CVE-2007-1180 (WebAPP before 0.9.9.5 does not check referrers in certain forms, which ...)
+ TODO: check
+CVE-2007-1179 (WebAPP before 0.9.9.5 does not properly manage e-mail addresses in ...)
+ TODO: check
+CVE-2007-1178 (WebAPP before 0.9.9.5 does not check access in certain contexts ...)
+ TODO: check
+CVE-2007-1177 (WebAPP before 0.9.9.5 does not properly filter certain characters in ...)
+ TODO: check
+CVE-2007-1176 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...)
+ TODO: check
+CVE-2007-1175 (Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP ...)
+ TODO: check
+CVE-2007-1174 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...)
+ TODO: check
+CVE-2007-1173
+ RESERVED
+CVE-2007-1172 (SQL injection vulnerability in nukesentinel.php in NukeSentinel ...)
+ TODO: check
+CVE-2007-1171 (SQL injection vulnerability in includes/nsbypass.php in NukeSentinel ...)
+ TODO: check
+CVE-2007-1170 (SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends ...)
+ TODO: check
+CVE-2007-1169 (The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, ...)
+ TODO: check
+CVE-2007-1168 (Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before ...)
+ TODO: check
+CVE-2007-1167 (inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and ...)
+ TODO: check
+CVE-2007-1166 (SQL injection vulnerability in result.php in Nabopoll 1.2 allows ...)
+ TODO: check
+CVE-2007-1165 (Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 ...)
+ TODO: check
+CVE-2007-1164 (Multiple PHP remote file inclusion vulnerabilities in DBImageGallery ...)
+ TODO: check
+CVE-2007-1163 (SQL injection vulnerability in printview.php in webSPELL 4.01.02 and ...)
+ TODO: check
+CVE-2007-1162 (A certain ActiveX control in the Common Controls Replacement Project ...)
+ TODO: check
+CVE-2007-1161 (Cross-site scripting (XSS) vulnerability in call_entry.php in Call ...)
+ TODO: check
+CVE-2006-7108 (login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when ...)
+ TODO: check
+CVE-2006-7107 (PHP remote file inclusion vulnerability in upgrade.php in Coalescent ...)
+ TODO: check
+CVE-2006-7106 (PHP remote file inclusion vulnerability in config.inc.php3 in Power ...)
+ TODO: check
+CVE-2006-7105 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-7104 (PHP remote file inclusion vulnerability in htmltemplate.php in the ...)
+ TODO: check
+CVE-2006-7103 (Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 ...)
+ TODO: check
+CVE-2006-7102 (Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal ...)
+ TODO: check
+CVE-2006-7101 (SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier ...)
+ TODO: check
+CVE-2006-7100 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-7099 (Directory traversal vulnerability in index.php in SolarPay allows ...)
+ TODO: check
+CVE-2006-7098 (The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server ...)
+ TODO: check
+CVE-2006-7097 (Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have ...)
+ TODO: check
+CVE-2006-7096 (Buffer overflow in the network_host_handle_join function in host.c in ...)
+ TODO: check
+CVE-2006-7095 (Integer signedness error in the network_receive_packet function in ...)
+ TODO: check
+CVE-2006-7094 (ftpd, as used by Gentoo and Debian Linux, sets the gid to the ...)
+ TODO: check
+CVE-2005-4832 (SQL injection vulnerability in the Oracle Database Server 10g allows ...)
+ TODO: check
+CVE-2005-4831 (viewcvs in ViewCVS 0.9.2 allows remote attackers to set the ...)
+ TODO: check
+CVE-2005-4830 (CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote ...)
+ TODO: check
+CVE-2004-2680 (mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly ...)
+ TODO: check
+CVE-2007-1218 (Off-by-one buffer overflow in the parse_elements function in the ...)
- tcpdump 3.9.5-2 (bug #413430; medium)
CVE-2007-XXXX [puttygen can create world-readable private keys]
- putty <unfixed> (bug #400804; low)
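Review bot: the block added at the top of the list leaves every described entry at "TODO: check", including several whose summaries name Debian or a Debian package directly: CVE-2006-7098 (the Debian 033_-F_NO_SETSID patch for the Apache HTTP Server), CVE-2006-7094 (ftpd as used by Gentoo and Debian Linux), CVE-2004-2680 (libapache2-mod-python) and CVE-2006-7108 (login in util-linux-2.12a). Triage those before the rest of the batch instead of working through it in numeric order, since each needs a package line and bug reference rather than a NOT-FOR-US tag. The CVE-2007-1218 change itself is fine: the bracketed working title is replaced by the published description and the existing tcpdump 3.9.5-2 tracking line stays attached to it.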
@@ -129,7 +391,7 @@
NOT-FOR-US: Photostand
CVE-2007-1101 (Multiple cross-site scripting (XSS) vulnerabilities in Photostand ...)
NOT-FOR-US: Photostand
-CVE-2007-1100 (Directory traversal vulnerability in download.php in Pickle allows ...)
+CVE-2007-1100 (Directory traversal vulnerability in download.php in Ahmet Sacan ...)
NOT-FOR-US: Pickle
CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
- dropbear 0.49-1 (unimportant; bug #412899)
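Review bot: the refreshed CVE-2007-1100 summary is cut off after "Ahmet Sacan", so the product name no longer appears in the description line and only the unchanged "NOT-FOR-US: Pickle" tag identifies it. Confirm against the full description that the tag still names the same product.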
@@ -137,7 +399,7 @@
[etch] - dropbear 0.48.1-2
CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...)
NOT-FOR-US: ScryMUD
-CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...)
+CVE-2007-1097 (Unrestricted file upload vulnerability in the onAttachFiles function ...)
NOT-FOR-US: Wiclear
CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...)
NOT-FOR-US: VirtueMart
@@ -500,8 +762,8 @@
- gnomemeeting <removed> (high)
CVE-2007-1006 (Multiple format string vulnerabilities in the ...)
- ekiga 2.0.3-2.1 (bug #411944; high)
-CVE-2007-1005
- RESERVED
+CVE-2007-1005 (Heap-based buffer overflow in SW3eng.exe in the eID Engine service in ...)
+ TODO: check
CVE-2007-1004 (Mozilla Firefox mmight allow remote attackers to condut spoofing and ...)
- iceweasel <unfixed> (low)
CVE-2007-1003
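Review bot: CVE-2007-1005 moves from RESERVED to "TODO: check", but its summary names SW3eng.exe in the eID Engine service, an .exe binary, which suggests a product outside the archive. If the full description confirms that, close the TODO with a NOT-FOR-US line in the same form as the neighbouring entries so a heap-based overflow does not sit in the unchecked queue.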
@@ -1173,8 +1435,8 @@
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
[sarge] - mozilla <unfixed> (high)
-CVE-2007-0774
- RESERVED
+CVE-2007-0774 (Stack-based buffer overflow in the map_uri_to_worker function ...)
+ TODO: check
CVE-2007-0773
RESERVED
CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows ...)
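Review bot: the new CVE-2007-0774 summary is truncated right after "map_uri_to_worker function", before any product name, so the "TODO: check" cannot be resolved from this line alone. Look up the full description to identify the affected software, and give it priority given that it is a stack-based buffer overflow.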
@@ -4743,7 +5005,7 @@
- tdiary 2.0.2+20060303-4.1 (bug #400447; bug #400650)
CVE-2006-6173 (Buffer overflow in the shared_region_make_private_np function in ...)
NOT-FOR-US: Mac OS X
-CVE-2006-6172 (Buffer overflow in the asmrp_eval function for Real Media input plugin ...)
+CVE-2006-6172 (Buffer overflow in the asmrp_eval function in the RealMedia RTSP ...)
{DSA-1244-1}
- xine-lib 1.1.2+dfsg-2 (medium; bug #401740)
- mplayer 1.0~rc1-11 (medium)
@@ -9841,8 +10103,8 @@
RESERVED
CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...)
NOT-FOR-US: Newtone ImageKit
-CVE-2006-3892
- RESERVED
+CVE-2006-3892 (The Management Console server in EMC NetWorker (formerly Legato ...)
+ TODO: check
CVE-2006-3891
RESERVED
CVE-2006-3890 (Stack-based buffer overflow in the Sky Software FileView ActiveX ...)
@@ -28923,8 +29185,8 @@
NOT-FOR-US: Cookie Cart
CVE-2005-1731
RESERVED
-CVE-2005-1730
- RESERVED
+CVE-2005-1730 (Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in ...)
+ TODO: check
CVE-2005-1729 (Novell eDirectory 8.7.3 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Novell
CVE-2005-1728 (MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs ...)
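Review bot: CVE-2005-1730 should not be closed as NOT-FOR-US on the strength of whatever product follows the truncated "as used in ...". The summary attributes the flaws to the OpenSSL ASN.1 parser, so the check needs to establish whether the issue lies in OpenSSL itself or only in the embedding product, and record an openssl package line if it is the former.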