[Secure-testing-commits] r5869 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Thu May 17 18:44:26 UTC 2007
Author: fw
Date: 2007-05-17 18:44:24 +0000 (Thu, 17 May 2007)
New Revision: 5869
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-05-17 18:03:37 UTC (rev 5868)
+++ data/CVE/list 2007-05-17 18:44:24 UTC (rev 5869)
@@ -1,31 +1,31 @@
CVE-2007-2715 (Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Snaps! Gallery
CVE-2007-2714 (Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet ...)
- TODO: check
+ NOT-FOR-US: Akismet
CVE-2007-2713 (ifdate 2.x sends a redirect to the web browser but does not exit when ...)
- TODO: check
+ NOT-FOR-US: iFdate
CVE-2007-2712 (Unspecified vulnerability in MH Software Connect Daily before 3.3.3 ...)
- TODO: check
+ NOT-FOR-US: MH Software Connect Daily Web Calendar
CVE-2007-2711 (Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: TinyIdentD
CVE-2007-2710 (PHP remote file inclusion vulnerability in functions/prepend_adm.php ...)
- TODO: check
+ NOT-FOR-US: NagiosQL
CVE-2007-2709 (PHP remote file inclusion vulnerability in functions/prepend_adm.php ...)
- TODO: check
+ NOT-FOR-US: NagiosQL
CVE-2007-2708 (PHP remote file inclusion vulnerability in newsadmin.php in Feindt ...)
- TODO: check
+ NOT-FOR-US: News-Script
CVE-2007-2707 (PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php ...)
- TODO: check
+ NOT-FOR-US: Linksnet Newsfeed
CVE-2007-2706 (PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media ...)
- TODO: check
+ NOT-FOR-US: Geeklog
CVE-2007-2705 (Directory traversal vulnerability in the Test View Console in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic Integration
CVE-2007-2704 (BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic Server
CVE-2007-2703 (BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic Portal
CVE-2007-2702 (Cross-site scripting (XSS) vulnerability in the GroupSpace application ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic Portal
CVE-2007-2701 (The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 ...)
NOT-FOR-US: BEA WebLogic
CVE-2007-2700 (The WLST script generated by the configToScript command in BEA ...)
@@ -57,11 +57,11 @@
[sarge] - mysql-dfsg-4.1 <unfixed> (bug #424830)
[sarge] - mysql-dfsg <not-affected>
CVE-2007-2690 (Multiple IBM ISS Proventia Series products, including the A, G, and M ...)
- TODO: check
+ NOT-FOR-US: ISS
CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain ...)
- TODO: check
+ NOT-FOR-US: Check Point
CVE-2007-2688 (The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-2687
RESERVED
CVE-2007-2686
@@ -77,91 +77,91 @@
CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in b2evolution ...)
TODO: check
CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management interface ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski gallery ...)
TODO: check
CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in Netsprint ...)
- TODO: check
+ NOT-FOR-US: Netsprint
CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess ...)
- TODO: check
+ NOT-FOR-US: phpChess
CVE-2007-2676 (PHP remote file inclusion vulnerability in skins/header.php in Open ...)
- TODO: check
+ NOT-FOR-US: Open Translation Engine
CVE-2007-2675 (SQL injection vulnerability in search.php in Pre Classifieds Listings ...)
- TODO: check
+ NOT-FOR-US: Pre Classifieds Listings
CVE-2007-2674 (SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 ...)
TODO: check
CVE-2007-2673 (SQL injection vulnerability in censura.php in Censura 1.15.04 allows ...)
- TODO: check
+ NOT-FOR-US: Censura
CVE-2007-2672 (SQL injection vulnerability in index.php in PHP Coupon Script 3.0 ...)
- TODO: check
+ NOT-FOR-US: PHP Coupon Script
CVE-2007-2671 (Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2007-2670 (PHPChain 1.0 and earlier allows remote attackers to obtain the ...)
- TODO: check
+ NOT-FOR-US: PHPChain
CVE-2007-2669 (Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 ...)
- TODO: check
+ NOT-FOR-US: PHPChain
CVE-2007-2668 (Buffer overflow in webdesproxy 0.0.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: webdesproxy
CVE-2007-2667 (Buffer overflow in the DB Software Laboratory VImpX ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: VImpX
CVE-2007-2666 (Stack-based buffer overflow in SciLexer.dll in notepad++ 4.1.1 and ...)
- TODO: check
+ NOT-FOR-US: notepad++
CVE-2007-2665 (PHP remote file inclusion vulnerability in block.php in PhpFirstPost ...)
- TODO: check
+ NOT-FOR-US: PhpFirstPost
CVE-2007-2664 (PHP remote file inclusion vulnerability in includes/common.php in Yaap ...)
- TODO: check
+ NOT-FOR-US: Yaap
CVE-2007-2663 (PHP remote file inclusion vulnerability in language/1/splash.lang.php ...)
- TODO: check
+ NOT-FOR-US: Beacon
CVE-2007-2662 (SQL injection vulnerability in EfesTECH Haber 5.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: EfesTECH
CVE-2007-2661 (SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows ...)
- TODO: check
+ NOT-FOR-US: BlogMe
CVE-2007-2660 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: PhpConcept
CVE-2007-2659 (Directory traversal vulnerability in index.php in PHP Advanced ...)
- TODO: check
+ NOT-FOR-US: PHP Advanced Transfer Manager (phpATM)
CVE-2007-2658 (Unspecified vulnerability in the ID Automation Linear Barcode 1.6.0.5 ...)
- TODO: check
+ NOT-FOR-US: ID Automation
CVE-2007-2657 (Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX ...)
- TODO: check
+ NOT-FOR-US: PrecisionID
CVE-2007-2656 (Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2007-2655 (Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before ...)
- TODO: check
+ NOT-FOR-US: NetWin
CVE-2007-2654 (xfs_fsr in xfsdump creates a temporary directory with insecure ...)
TODO: check
CVE-2007-2653 (Unspecified vulnerability in Vim (Vi IMproved) before 7.1 has ...)
TODO: check
CVE-2007-2652 (Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow ...)
- TODO: check
+ NOT-FOR-US: Free-SA
CVE-2007-2651 (Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow ...)
- TODO: check
+ NOT-FOR-US: VooDoo cIRCle
CVE-2007-2650 (The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to ...)
TODO: check
CVE-2007-2649 (Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for ...)
TODO: check
CVE-2007-2648 (Stack-based buffer overflow in the Clever Database Comparer 2.2 ...)
- TODO: check
+ NOT-FOR-US: Clever Database Comparer
CVE-2007-2647 (Static code injection vulnerability in admin/admin_configuration.php ...)
- TODO: check
+ NOT-FOR-US: MonAlbum
CVE-2007-2646 (Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted ...)
- TODO: check
+ NOT-FOR-US: yEnc32
CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in ...)
- libexif <unfixed> (bug #424775)
CVE-2007-2644 (A certain ActiveX control in Morovia Barcode ActiveX Professional ...)
- TODO: check
+ NOT-FOR-US: Morovia
CVE-2007-2643 (Directory traversal vulnerability in phpThumb.php in PinkCrow Designs ...)
- TODO: check
+ NOT-FOR-US: maGAZIn
CVE-2007-2642 (Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 ...)
- TODO: check
+ NOT-FOR-US: R2K Gallery
CVE-2007-2641 (SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard ...)
- TODO: check
+ NOT-FOR-US: W1L3D4
CVE-2007-2640 (LibTMCG before 1.1.1 does not perform a range check to avoid "trivial ...)
- TODO: check
+ NOT-FOR-US: LibTMCG
CVE-2007-2639 (Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: TFTPDWIN
CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass authentication and ...)
- TODO: check
+ NOT-FOR-US: eFileCabinet
CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...)
TODO: check
CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote ...)
More information about the Secure-testing-commits
mailing list