[Secure-testing-commits] r7296 - data/CVE
joeyh at alioth.debian.org
Tue Nov 13 21:14:12 UTC 2007
Author: joeyh
Date: 2007-11-13 21:14:11 +0000 (Tue, 13 Nov 2007)
New Revision: 7296
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-13 16:08:57 UTC (rev 7295)
+++ data/CVE/list 2007-11-13 21:14:11 UTC (rev 7296)
@@ -1,3 +1,67 @@
+CVE-2007-5932 (Multiple cross-site scripting (XSS) vulnerabilities in Fatwire Content ...)
+ TODO: check
+CVE-2007-5931 (The reDirect function in lib/controllers/RepViewController.php in ...)
+ TODO: check
+CVE-2007-5930 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+ TODO: check
+CVE-2007-5929 (Buffer overflow in OpenBase 10.0.5 and earlier might allow remote ...)
+ TODO: check
+CVE-2007-5928 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...)
+ TODO: check
+CVE-2007-5927 (Directory traversal vulnerability in OpenBase 10.0.5 and earlier ...)
+ TODO: check
+CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...)
+ TODO: check
+CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...)
+ TODO: check
+CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...)
+ TODO: check
+CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...)
+ TODO: check
+CVE-2007-5922 (The modules/mdop.m in the Cypress 1.0k script for BitchX, as ...)
+ TODO: check
+CVE-2007-5921 (Unspecified vulnerability in the ioctl interface in the Solaris Volume ...)
+ TODO: check
+CVE-2007-5920 (index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote ...)
+ TODO: check
+CVE-2007-5919 (MyWebFTP stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2007-5918 (Cross-site request forgery (CSRF) vulnerability in edit.php in the MS ...)
+ TODO: check
+CVE-2007-5917 (Cross-site request forgery (CSRF) vulnerability in ...)
+ TODO: check
+CVE-2007-5916 (SQL injection vulnerability in the login page in phphelpdesk 0.6.16 ...)
+ TODO: check
+CVE-2007-5915 (Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 ...)
+ TODO: check
+CVE-2007-5914 (Direct static code injection vulnerability in ...)
+ TODO: check
+CVE-2007-5913 (dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not ...)
+ TODO: check
+CVE-2007-5912 (SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote ...)
+ TODO: check
+CVE-2007-5911 (Multiple stack-based buffer overflows in the AxMetaStream ActiveX ...)
+ TODO: check
+CVE-2007-5910 (Stack-based buffer overflow in Autonomy (formerly Verity) KeyView ...)
+ TODO: check
+CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...)
+ TODO: check
+CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...)
+ TODO: check
+CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...)
+ TODO: check
+CVE-2007-5906 (Xen 3.1.1 allows virtual guest system users to cause a denial of ...)
+ TODO: check
+CVE-2007-5905
+ RESERVED
+CVE-2007-5904 (Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and ...)
+ TODO: check
+CVE-2007-5903
+ RESERVED
+CVE-2007-5902
+ RESERVED
+CVE-2007-5901
+ RESERVED
CVE-2007-XXXX [Incorrect input from client can lead to remote DoS in pioneers server]
- pioneers <unfixed> (bug #449541)
CVE-2007-5900
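Review bot: Every described entry added at the top of this hunk is left as TODO: check, including several that name software likely to map to Debian packages rather than NOT-FOR-US: CVE-2007-5904 (CIFS VFS in Linux kernel 2.6.23), CVE-2007-5906 and CVE-2007-5907 (Xen 3.1.1), and CVE-2007-5922 (a script for BitchX). Suggest triaging those first and replacing the TODO with a package line or NOT-FOR-US, since the "automatic update" log gives no signal about which of the new ids affect the archive.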
@@ -480,7 +544,7 @@
CVE-2002-2365 (Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2007-5740 (The format string protection mechanism in IMAPD for Perdition Mail ...)
- {DSA-1398-1}
+ {DSA-1398-1 DTSA-84-1}
- perdition 1.17.1-1 (medium; bug #448853)
CVE-2007-5751 (Liferea before 1.4.6 uses weak permissions (0644) for the ...)
- liferea 1.4.6-1 (low; bug #448850)
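Review bot: DTSA-84-1 is added to the cross-reference list for CVE-2007-5740, but the perdition line below it is unchanged and this revision touches only data/CVE/list, so the version the DTSA fixes cannot be confirmed from this diff. Worth checking that the DTSA list carries a matching entry for perdition.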
@@ -1732,7 +1796,7 @@
NOTE: CVE-2007-5414, mailed mitre
CVE-2007-5414 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
- iceweasel 2.0+dfsg-1
-CVE-2007-5413 (Unspecified vulnerability in httpd.tkd in HP OpenView Configuration ...)
+CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView ...)
NOT-FOR-US: HP OpenView
CVE-2007-5412 (Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 ...)
NOT-FOR-US: Joomla! extension
@@ -1766,8 +1830,8 @@
RESERVED
CVE-2007-5397
RESERVED
-CVE-2007-5396
- RESERVED
+CVE-2007-5396 (Format string vulnerability in the ext_yahoo_contact_added function in ...)
+ TODO: check
CVE-2007-5395 (Stack-based buffer overflow in the separate_word function in ...)
- link-grammar 4.2.5-1 (medium; bug #450695)
CVE-2007-5394
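Review bot: CVE-2007-5396 moves from RESERVED to a format string vulnerability in ext_yahoo_contact_added, but the truncated description cuts off before the affected product, so the TODO: check cannot be resolved from this line alone. The full CVE text is needed to identify the package before a package line or NOT-FOR-US is written.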
@@ -3955,8 +4019,8 @@
NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
NOTE: very easy to exploit locally
-CVE-2007-4570
- RESERVED
+CVE-2007-4570 (Algorithmic complexity vulnerability in the MCS translation daemon in ...)
+ TODO: check
CVE-2007-4569 (backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is ...)
{DSA-1376-1 DTSA-60-1}
- kdebase 4:3.5.7-4
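Review bot: CVE-2007-4570 is now public (algorithmic complexity in the MCS translation daemon) yet enters the list as TODO: check with no package line. Suggest determining which source package, if any, ships that daemon and recording either the package with a fixed version or NOT-FOR-US, as the neighbouring CVE-2007-4569 entry does with kdebase 4:3.5.7-4.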