[Secure-testing-commits] r5871 - data/CVE

fw at alioth.debian.org
Thu May 17 19:10:44 UTC 2007


Author: fw
Date: 2007-05-17 19:10:43 +0000 (Thu, 17 May 2007)
New Revision: 5871

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-17 18:50:38 UTC (rev 5870)
+++ data/CVE/list	2007-05-17 19:10:43 UTC (rev 5871)
@@ -165,99 +165,99 @@
 CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for calendars ...)
 	TODO: check
 CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote ...)
-	TODO: check
+	NOT-FOR-US: phpTodo
 CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows remote ...)
 	- interchange 5.4.2-1 (low)
 CVE-2007-2634 (PHP remote file inclusion vulnerability in common/errormsg.php in ...)
-	TODO: check
+	NOT-FOR-US: aForum
 CVE-2007-2633 (Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows ...)
-	TODO: check
+	NOT-FOR-US: H-Sphere
 CVE-2007-2632 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User ...)
-	TODO: check
+	NOT-FOR-US: phpMUR
 CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail ...)
 	TODO: check
 CVE-2007-2630 (Incomplete blacklist vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ActiveCampaign products
 CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6) ...)
-	TODO: check
+	NOT-FOR-US: Bradford
 CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in ...)
-	TODO: check
+	NOT-FOR-US: PHPSecurityAdmin
 CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, ...)
 	TODO: check
 CVE-2007-2626 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: SchoolBoard
 CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: All In One Control Panel (AIOCP)
 CVE-2007-2624 (Dynamic variable evaluation vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: All In One Control Panel (AIOCP)
 CVE-2007-2623 (Multiple buffer overflows in RControl.dll in Remote Display Dev kit ...)
-	TODO: check
+	NOT-FOR-US: Remote Display Dev kit
 CVE-2007-2622 (Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier ...)
-	TODO: check
+	NOT-FOR-US: TaskDriver
 CVE-2007-2621 (SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 ...)
-	TODO: check
+	NOT-FOR-US: Thyme Calendar
 CVE-2007-2620 (PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub ...)
-	TODO: check
+	NOT-FOR-US: Jakub Steiner (aka jimmac) original 
 CVE-2007-2619 (Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login ...)
-	TODO: check
+	NOT-FOR-US: Symantec pcAnywhere
 CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Drake CMS
 CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core ...)
 	TODO: check
 CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE ...)
-	TODO: check
+	NOT-FOR-US: Novell NetMail
 CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu ...)
-	TODO: check
+	NOT-FOR-US: PHPLojaFacil
 CVE-2007-2614 (PHP remote file inclusion vulnerability in examples/widget8.php in ...)
-	TODO: check
+	NOT-FOR-US: phpHtmlLib
 CVE-2007-2613 (WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared ...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2007-2612 (SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki ...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2007-2611 (Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 ...)
-	TODO: check
+	NOT-FOR-US: CGX
 CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and ...)
-	TODO: check
+	NOT-FOR-US: OpenLD
 CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 ...)
 	TODO: check
 CVE-2007-2608 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Miplex2
 CVE-2007-2607 (PHP remote file inclusion vulnerability in views/print/printbar.php in ...)
-	TODO: check
+	NOT-FOR-US: LaVague
 CVE-2007-2606 (Multiple buffer overflows in Firebird 2.1 allow attackers to trigger ...)
 	TODO: check
 CVE-2007-2605 (Unspecified vulnerability in the GetPropertyById function in ...)
-	TODO: check
+	NOT-FOR-US: Brujula Toolbar
 CVE-2007-2604 (Unspecified vulnerability in the FlexLabel ActiveX control allows ...)
-	TODO: check
+	NOT-FOR-US: FlexLabel
 CVE-2007-2603 (Unspecified vulnerability in the Init function in the Audio CD Ripper ...)
-	TODO: check
+	NOT-FOR-US: Audio CD Ripper
 CVE-2007-2602 (Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows ...)
-	TODO: check
+	NOT-FOR-US: Ipswitch WhatsUp
 CVE-2007-2601 (Buffer overflow in a certain ActiveX control in the GDivX Zenith ...)
-	TODO: check
+	NOT-FOR-US: GDivX Zenith Player
 CVE-2007-2600 (Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS ...)
-	TODO: check
+	NOT-FOR-US: TutorialCMS
 CVE-2007-2599 (Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop ...)
-	TODO: check
+	NOT-FOR-US: TutorialCMS
 CVE-2007-2598 (SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL ...)
-	TODO: check
+	NOT-FOR-US: PHP SimpleNEWS
 CVE-2007-2597 (Multiple PHP remote file inclusion vulnerabilities in telltarget CMS ...)
-	TODO: check
+	NOT-FOR-US: telltarget CMS
 CVE-2007-2596 (PHP remote file inclusion vulnerability in common/func.php in aForum ...)
-	TODO: check
+	NOT-FOR-US: aForum
 CVE-2007-2595 (RSAuction 2.73.1.3 allows remote authenticated users to move their own ...)
-	TODO: check
+	NOT-FOR-US: RSAuction
 CVE-2007-2594 (PHP remote file inclusion vulnerability in inc/articles.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: phpMyPortal
 CVE-2007-2593 (The Terminal Server in Microsoft Windows 2003 Server, when using TLS, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2007-2592 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2591 (usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php in ...)
 	TODO: check
 CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...)
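Review bot: The new tag for CVE-2007-2620, "NOT-FOR-US: Jakub Steiner (aka jimmac) original ", looks cut off: it ends in "original" followed by a trailing space, and it names the author rather than a product, unlike the other tags added in this hunk. Suggest completing the product name from the full CVE description and dropping the trailing whitespace. Two smaller consistency points in the same hunk: CVE-2007-2593 and CVE-2007-2592/2591/2590 are tagged by vendor only ("Microsoft", "Nokia") while most other entries name the product, and CVE-2007-2598 is tagged "PHP SimpleNEWS" where the description spells it "SimpleNews", which makes the entry harder to find by searching for the product name.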
@@ -400,9 +400,9 @@
 CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open ...)
 	- otrs2 <unfixed> (bug #423524)
 CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before ...)
-	TODO: check
+	NOT-FOR-US: CA Anti-Virus
 CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA ...)
-	TODO: check
+	NOT-FOR-US: CA Anti-Virus
 CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS! 2.2.6 ...)
 	NOT-FOR-US: E-GADS!
 CVE-2007-2520
@@ -1771,11 +1771,11 @@
 CVE-2007-1904 (Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 ...)
 	NOT-FOR-US: AOL Instant Messenger
 CVE-2007-1903 (Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1902 (Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1901 (SonicBB 1.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1900 (CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ...)
 	{DSA-1283-1}
 	- php5 5.2.0-11 (low)
@@ -4946,7 +4946,7 @@
 CVE-2007-0755
 	RESERVED
 CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-0753
 	RESERVED
 CVE-2007-0752
@@ -4956,9 +4956,9 @@
 CVE-2007-0750
 	RESERVED
 CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function in ...)
-	TODO: check
+	NOT-FOR-US: Apple Darwin Streaming Server
 CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using ...)
-	TODO: check
+	NOT-FOR-US: Apple Darwin Streaming Server
 CVE-2007-0747 (load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-0746 (Heap-based buffer overflow in the VideoConference framework in Apple ...)
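Review bot: CVE-2007-0748 is described as an overflow in "Apple Darwin Streaming Proxy", but the new tag reads "NOT-FOR-US: Apple Darwin Streaming Server", the same as CVE-2007-0749 directly above it. If the proxy is intentionally being filed under the server's name, that is fine; otherwise tag it "Apple Darwin Streaming Proxy" so the tag matches the product named in the description.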
@@ -5078,7 +5078,7 @@
 CVE-2007-0690
 	RESERVED
 CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: MyBB (aka MyBulletinBoard)
 CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation ...)
 	NOT-FOR-US: Phorum
 CVE-2006-6967 (Check Point FireWall-1 allows remote attackers to obtain certificate ...)
@@ -14586,7 +14586,7 @@
 CVE-2006-3457 (Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the ...)
 	NOT-FOR-US: Symantec
 CVE-2006-3456 (The Symantec NAVOPTS.DLL ActiveX control (aka ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2006-3455 (The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate ...)
 	NOT-FOR-US: Symantec
 CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus Corporate ...)



