[Secure-testing-commits] r6606 - data/CVE

joeyh at alioth.debian.org
Thu Sep 13 21:14:08 UTC 2007


Author: joeyh
Date: 2007-09-13 21:14:07 +0000 (Thu, 13 Sep 2007)
New Revision: 6606

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-09-13 12:54:13 UTC (rev 6605)
+++ data/CVE/list	2007-09-13 21:14:07 UTC (rev 6606)
@@ -1,3 +1,49 @@
+CVE-2007-4850
+	RESERVED
+CVE-2007-4849 (JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly ...)
+	TODO: check
+CVE-2007-4848 (Microsoft Internet Explorer 4.0 through 7 allows remote attackers to ...)
+	TODO: check
+CVE-2007-4847 (Google Picasa allows remote attackers to read image files stored by ...)
+	TODO: check
+CVE-2007-4846 (SQL injection vulnerability in start.php in Webace-Linkscript (wls) ...)
+	TODO: check
+CVE-2007-4845 (Multiple SQL injection vulnerabilities in UPLOAD/index.php in ...)
+	TODO: check
+CVE-2007-4844 (X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly ...)
+	TODO: check
+CVE-2007-4843 (Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 ...)
+	TODO: check
+CVE-2007-4842 (Directory traversal vulnerability in Enriva Development Magellan ...)
+	TODO: check
+CVE-2007-4841 (Mozilla Firefox 2.0.0.6 allows remote attackers to execute arbitrary ...)
+	TODO: check
+CVE-2007-4840 (PHP 5.2.4 and earlier allows context-dependent attackers to cause a ...)
+	TODO: check
+CVE-2007-4839 (Unspecified vulnerability in the PD tools component in IBM WebSphere ...)
+	TODO: check
+CVE-2007-4838 (Multiple buffer overflows in CellFactor Revolution 1.03 and earlier ...)
+	TODO: check
+CVE-2007-4837 (SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows ...)
+	TODO: check
+CVE-2007-4836 (Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote ...)
+	TODO: check
+CVE-2007-4835 (SQL injection vulnerability in index.php in phpMyQuote 0.20 allows ...)
+	TODO: check
+CVE-2007-4834 (Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 ...)
+	TODO: check
+CVE-2007-4833 (Unspecified vulnerability in the Edge Component in IBM WebSphere ...)
+	TODO: check
+CVE-2007-4832 (Format string vulnerability in CellFactor Revolution 1.03 and earlier ...)
+	TODO: check
+CVE-2007-4831 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2007-4830 (Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in ...)
+	TODO: check
+CVE-2007-4829
+	RESERVED
+CVE-2007-4828 (Cross-site scripting (XSS) vulnerability in the API pretty-printing ...)
+	TODO: check
 CVE-2007-4827
 	RESERVED
 CVE-2007-4826 (bgpd in Quagga before 0.99.9 allows remote BGP peers to cause a denial ...)
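Review bot: every entry added at the top of this hunk that has a description (21 of them, in the range CVE-2007-4828 to CVE-2007-4849) is left at "TODO: check", so none of them carries a triage result yet. Entries such as CVE-2007-4848 (Microsoft Internet Explorer) and CVE-2007-4847 (Google Picasa) look like candidates for a NOT-FOR-US line in the style this file already uses, while CVE-2007-4841 (Mozilla Firefox 2.0.0.6) and CVE-2007-4840 (PHP 5.2.4 and earlier) need a package line with a fixed version or <unfixed> and a severity.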
@@ -219,8 +265,7 @@
 	RESERVED
 CVE-2007-4728
 	RESERVED
-CVE-2007-4727 [lighttpd: header overflow when using the mod_fastcgi extension]
-	RESERVED
+CVE-2007-4727 (Buffer overflow in the fcgi_env_add function in ...)
 	- lighttpd 1.4.18-1 (medium; bug #441555)
 	NOTE: http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
 	NOTE: http://www.lighttpd.net/download/lighttpd-1.4.x_mod_fastcgi_overrun.patch
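Review bot: the replacement description for CVE-2007-4727 is cut off right after "fcgi_env_add function in ...", so the entry line no longer names mod_fastcgi the way the removed bracketed title did; the module is now only recoverable from the patch file name in the second NOTE URL. Consider adding a NOTE line that states the affected module explicitly, so the scope of the lighttpd 1.4.18-1 fix stays readable from the list alone.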
@@ -2097,8 +2142,8 @@
 	NOT-FOR-US: SSAPI Engine
 CVE-2007-3872 (Multiple stack-based buffer overflows in the Shared Trace Service ...)
 	NOT-FOR-US: HP OpenView
-CVE-2007-3871
-	RESERVED
+CVE-2007-3871 (Stampit Web uses guessable id values for online stamp purchases, which ...)
+	TODO: check
 CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow ...)
 	- gftp <unfixed> (unimportant; bug #437710)
 	NOTE: Only a crasher, w/o security impact for a client application like gftp
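Review bot: CVE-2007-3871 changes from RESERVED to "TODO: check" with no triage decision recorded. The neighbouring entries show the two expected end states, "NOT-FOR-US: HP OpenView" for software outside the archive and a package line such as "- gftp <unfixed> (unimportant; bug #437710)" for software in it; the Stampit Web entry should be resolved to one of those forms.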



