[Secure-testing-commits] r6638 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Tue Sep 18 22:38:43 UTC 2007
Author: nion
Date: 2007-09-18 22:38:43 +0000 (Tue, 18 Sep 2007)
New Revision: 6638
Modified:
data/CVE/list
Log:
NFUs
CVE-2007-4915 boa not-affected
CVE-2007-4904 helix-player unfixed, unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-09-18 21:54:35 UTC (rev 6637)
+++ data/CVE/list 2007-09-18 22:38:43 UTC (rev 6638)
@@ -1,49 +1,50 @@
CVE-2007-4924
RESERVED
CVE-2007-4923 (PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2007-4922 (SQL injection vulnerability in index.php in the jeuxflash 1.0 module ...)
- TODO: check
+ NOT-FOR-US: KwsPhp
CVE-2007-4921 (PHP remote file inclusion vulnerability in _includes/settings.inc.php ...)
- TODO: check
+ NOT-FOR-US: Ajax File Browser
CVE-2007-4920 (SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest ...)
- TODO: check
+ NOT-FOR-US: Webquest
CVE-2007-4919 (Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote ...)
- TODO: check
+ NOT-FOR-US: Jblog
CVE-2007-4918 (SQL injection vulnerability in index.php in Gelato allows remote ...)
- TODO: check
+ NOT-FOR-US: Gelato
CVE-2007-4917 (Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats ...)
- TODO: check
+ NOT-FOR-US: Php-Stats
CVE-2007-4916 (Heap-based buffer overflow in the FileFind::FindFile method in (1) ...)
- TODO: check
+ NOT-FOR-US: MFC Library
CVE-2007-4915 (The Intersil isl3893 extensions for Boa 0.93.15, as used on the ...)
- TODO: check
+ - boa <not-affected> (We don't ship this extension)
CVE-2007-4914 (Unspecified vulnerability in the subscriptions manager in Invision ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2007-4913 (ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2007-4912 (Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2007-4911 (JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: JetCast Server
CVE-2007-4910 (Unspecified vulnerability in netInvoicing before 2.7.3 has unknown ...)
- TODO: check
+ NOT-FOR-US: Netinvoicing
CVE-2007-4909 (Interpretation conflict in WinSCP before 4.0.4 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: WinSCP
CVE-2007-4908 (Directory traversal vulnerability in index.php in AuraCMS 2.1 and ...)
- TODO: check
+ NOT-FOR-US: AuraCMS
CVE-2007-4907 (Multiple PHP remote file inclusion vulnerabilities in X-Cart allow ...)
- TODO: check
+ NOT-FOR-US: X-Cart
CVE-2007-4906 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: NuclearBB
CVE-2007-4905 (Unrestricted file upload vulnerability in mod/contak.php in AuraCMS ...)
- TODO: check
+ NOT-FOR-US: AuraCMS
CVE-2007-4904 (RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player ...)
- TODO: check
+ - helix-player <unfixed> (unimportant; bug #443130)
+ NOTE: Just a floating point exception by via a crafted .au file)
CVE-2007-4903 (Multiple buffer overflows in a certain ActiveX control in CryptoX.dll ...)
- TODO: check
+ NOT-FOR-US: Ultra Crypto Component
CVE-2007-4902 (Absolute path traversal vulnerability in a certain ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Ultra Crypto Component
CVE-2007-4901 (Unspecified vulnerability in AOL Instant Messenger (AIM) 6.1.41.2 ...)
NOT-FOR-US: AOL Instant Messenger
CVE-2007-4900 (Cross-site scripting (XSS) vulnerability in the logon page in RSA ...)
More information about the Secure-testing-commits
mailing list