[Secure-testing-commits] r6988 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Oct 16 21:14:08 UTC 2007 

Author: joeyh
Date: 2007-10-16 21:14:07 +0000 (Tue, 16 Oct 2007)
New Revision: 6988

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-16 21:13:51 UTC (rev 6987)
+++ data/CVE/list	2007-10-16 21:14:07 UTC (rev 6988)
@@ -1,3 +1,25 @@
+CVE-2007-5471 (libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in ...)
+	TODO: check
+CVE-2007-5470 (Microsoft Expression Media stores the catalog password in cleartext in ...)
+	TODO: check
+CVE-2007-5469 (OpenSER 1.2.2 does not verify the Digest authentication header URI ...)
+	TODO: check
+CVE-2007-5468 (Cisco CallManager 5.1.1.3000-5 does not verify the Digest ...)
+	TODO: check
+CVE-2007-5467 (Unspecified vulnerability in eXtremail 2.1.1 and earlier allows remote ...)
+	TODO: check
+CVE-2007-5466 (Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote ...)
+	TODO: check
+CVE-2007-5465 (Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows ...)
+	TODO: check
+CVE-2007-5464 (Buffer overflow in Live for Speed 0.5X10 and earlier allows remote ...)
+	TODO: check
+CVE-2007-5463 (ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta ...)
+	TODO: check
+CVE-2007-5462 (Unspecified vulnerability in the Sun Solaris RPC services library ...)
+	TODO: check
+CVE-2007-5460 (Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak ...)
+	TODO: check
 CVE-2007-5459 (Cross-site scripting (XSS) vulnerability in the sidebar HTML page in ...)
 	NOT-FOR-US: MouseoverDictionary
 CVE-2007-5458 (SQL injection vulnerability in index.php in the newsletter module 1.0 ...)
@@ -236,7 +258,7 @@
 	TODO: check
 CVE-2002-2228 (MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers ...)
 	TODO: check
-CVE-2007-5461 [path traversal vulnerability in apache tomcat]
+CVE-2007-5461 (Absolute path traversal vulnerability in Apache Tomcat, under certain ...)
 	TODO: check
 CVE-2007-5391 (Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 ...)
 	NOT-FOR-US: HP Select Identity
@@ -6716,7 +6738,7 @@
 	NOT-FOR-US: Pre Classifieds Listings
 CVE-2007-2674 (SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 ...)
 	NOT-FOR-US: Pre Shopping Mall
-CVE-2007-2673 (SQL injection vulnerability in censura.php in Censura 1.15.04 allows ...)
+CVE-2007-2673 (SQL injection vulnerability in includes/funcs_vendors.php in Censura ...)
 	NOT-FOR-US: Censura
 CVE-2007-2672 (SQL injection vulnerability in index.php in PHP Coupon Script 3.0 ...)
 	NOT-FOR-US: PHP Coupon Script

More information about the Secure-testing-commits mailing list