[Secure-testing-commits] r6501 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Tue Sep 4 21:14:08 UTC 2007
Author: joeyh
Date: 2007-09-04 21:14:07 +0000 (Tue, 04 Sep 2007)
New Revision: 6501
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-04 21:12:49 UTC (rev 6500)
+++ data/CVE/list 2007-09-04 21:14:07 UTC (rev 6501)
@@ -1,3 +1,41 @@
+CVE-2007-4649 (MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and ...)
+ TODO: check
+CVE-2007-4648 (The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak ...)
+ TODO: check
+CVE-2007-4647 (newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 ...)
+ TODO: check
+CVE-2007-4646 (Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite ...)
+ TODO: check
+CVE-2007-4645 (SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows ...)
+ TODO: check
+CVE-2007-4644 (Format string vulnerability in the Cl_GetPackets function in cl_main.c ...)
+ TODO: check
+CVE-2007-4643 (Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier ...)
+ TODO: check
+CVE-2007-4642 (Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and ...)
+ TODO: check
+CVE-2007-4641 (Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and ...)
+ TODO: check
+CVE-2007-4640 (Unrestricted file upload vulnerability in index.php in Pakupaku CMS ...)
+ TODO: check
+CVE-2007-4639 (EnterpriseDB Advanced Server 8.2 does not properly handle certain ...)
+ TODO: check
+CVE-2007-4638 (Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier allows ...)
+ TODO: check
+CVE-2007-4637 (xGB.php in xGB 2.0 does not require authentication for an admin edit ...)
+ TODO: check
+CVE-2007-4636 (Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 ...)
+ TODO: check
+CVE-2007-4635 (Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to ...)
+ TODO: check
+CVE-2007-4634 (Multiple SQL injection vulnerabilities in Cisco CallManager and ...)
+ TODO: check
+CVE-2007-4633 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco ...)
+ TODO: check
+CVE-2007-4632 (Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the ...)
+ TODO: check
+CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and ...)
+ TODO: check
CVE-2007-XXXX [maradns DoS]
- maradns 1.2.12.08-1
NOTE: http://marc.info/?l=maradns-list&m=118842373527534&w=2
@@ -111,7 +149,8 @@
[sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in -10)
CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows ...)
NOT-FOR-US: BufferZone (Windows)
-CVE-2007-4579 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and Live ...)
+CVE-2007-4579
+ REJECTED
NOT-FOR-US: MSN
CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows ...)
NOT-FOR-US: Sophos
@@ -256,8 +295,8 @@
RESERVED
CVE-2007-4516
RESERVED
-CVE-2007-4515
- RESERVED
+CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll before ...)
+ TODO: check
CVE-2007-4514
RESERVED
CVE-2007-4513
@@ -1381,6 +1420,7 @@
RESERVED
CVE-2007-3999 [buffer overflow in RPC library]
RESERVED
+ {DSA-1368-1 DSA-1367-1}
- librpcsecgss <unfixed>
- krb5 <unfixed>
CVE-2007-3998
@@ -1562,6 +1602,7 @@
CVE-2007-3913
RESERVED
CVE-2007-3912 [debian-goodies checkrestart missing shell metachar escaping]
+ RESERVED
- debian-goodies 0.34 (bug #440411; medium)
CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka ...)
NOT-FOR-US: BakBone NetVault Reporter
@@ -3842,8 +3883,8 @@
NOT-FOR-US: Qtpfsgui and pfstools
CVE-2007-2955 (Multiple unspecified "input validation error" vulnerabilities in ...)
NOT-FOR-US: Norton Antivirus/Internet Security/System Works
-CVE-2007-2954
- RESERVED
+CVE-2007-2954 (Multiple stack-based buffer overflows in the Spooler service ...)
+ TODO: check
CVE-2007-2953 (Format string vulnerability in the helptags_one function in ...)
{DSA-1364-1}
- vim 1:7.1-056+1 (low)
@@ -3893,8 +3934,8 @@
NOT-FOR-US: Phil-a-Form
CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in BoastMachine ...)
NOT-FOR-US: BoastMachine
-CVE-2007-2931
- RESERVED
+CVE-2007-2931 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and Live ...)
+ TODO: check
CVE-2007-2930
RESERVED
CVE-2007-2929 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
@@ -6960,6 +7001,7 @@
CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and ...)
NOT-FOR-US: ScriptMagix
CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function in ...)
+ {DTSA-56-1}
- zziplib 0.13.49-0 (bug #436701; low)
[etch] - zziplib <no-dsa> (Minor issue)
NOTE: http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187
More information about the Secure-testing-commits
mailing list