thr3ads.net - Secure testing commits - [Secure-testing-commits] r7458

If this information is useful, please help other people find it:
Share via:
nion at alioth.debian.org
2007-Dec-01 14:59 UTC
[Secure-testing-commits] r7458 - data/CVE

Author: nion
Date: 2007-12-01 14:59:22 +0000 (Sat, 01 Dec 2007)
New Revision: 7458

Modified:
   data/CVE/list
Log:
NFUs
new issue: acidbase (CVE-2007-6156)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-12-01 14:22:40 UTC (rev 7457)
+++ data/CVE/list	2007-12-01 14:59:22 UTC (rev 7458)
@@ -37,11 +37,11 @@
 CVE-2007-6181 (Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and
earlier ...)
 	NOT-FOR-US: Cygwin
 CVE-2007-6180 (Race condition in the Remote Procedure Call kernel module
(rpcmod) in ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2007-6179 (Multiple PHP remote file inclusion vulnerabilities in
Charray''s CMS ...)
 	NOT-FOR-US: Charray''s CMS
 CVE-2007-6178 (Multiple PHP remote file inclusion vulnerabilities in Easy
Hosting ...)
-	TODO: check
+	NOT-FOR-US: Easy Hosting Control Panel for Ubuntu
 CVE-2007-6177 (PHP remote file inclusion vulnerability in Exchange/include.php
in ...)
 	NOT-FOR-US: PHP-CON
 CVE-2007-6176 (kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows
remote ...)
@@ -57,31 +57,31 @@
 CVE-2007-6169 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD
Realty ...)
 	NOT-FOR-US: GOUAE DWD Realty
 CVE-2007-6168 (SQL injection vulnerability in default.asp in VU Case Manager
allows ...)
-	TODO: check
+	NOT-FOR-US: VU Case Manager
 CVE-2007-6167 (yast2-core includes the current working directory in its search
path, ...)
-	TODO: check
+	NOT-FOR-US: Yast2
 CVE-2007-6166 (Stack-based buffer overflow in Apple QuickTime 7.2 and 7.3
allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-6165 (Mail in Apple Mac OS X Leopard allows user-assisted remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple Mac OS X
 CVE-2007-6164 (Multiple SQL injection vulnerabilities in Eurologon CMS allow
remote ...)
-	TODO: check
+	NOT-FOR-US: Eurologon CMS
 CVE-2007-6163 (SQL injection vulnerability in admin/index2.asp in GOUAE DWD
Realty ...)
-	TODO: check
+	NOT-FOR-US: GOUAE DWD Realty
 CVE-2007-6162 (Cross-site scripting (XSS) vulnerability in index.php in
FMDeluxe ...)
-	TODO: check
+	NOT-FOR-US: FMDeluxe
 CVE-2007-6161 (index.php in Tilde CMS 4.x and earlier allows remote attackers
to ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6160 (Cross-site scripting (XSS) vulnerability in index.php in Tilde
CMS 4.x ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6159 (SQL injection vulnerability in index.php in Tilde CMS 4.x and
earlier ...)
-	TODO: check
+	NOT-FOR-US: Tilde CMS
 CVE-2007-6158 (Multiple SQL injection vulnerabilities in caladmin.inc.php in
Proverbs ...)
-	TODO: check
+	NOT-FOR-US: Proverbs Web Calendar
 CVE-2007-6157 (Cross-site scripting (XSS) vulnerability in index.php in
SimpleGallery ...)
-	TODO: check
+	NOT-FOR-US: SimpleGallery
 CVE-2007-6156 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	- acidbase <unfixed> (low; bug #453838)
 CVE-2007-6155
 	RESERVED
 CVE-2007-6154
@@ -97,33 +97,33 @@
 CVE-2007-6148
 	RESERVED
 CVE-2007-6147 (Multiple PHP remote file inclusion vulnerabilities in IAPR
COMMENCE ...)
-	TODO: check
+	NOT-FOR-US: IAPR COMMENCE
 CVE-2007-6146 (Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02
on ...)
-	TODO: check
+	NOT-FOR-US: JP1/File Transmission Server/FTP on windows
 CVE-2007-6145 (Unspecified vulnerability in Hitachi JP1/File Transmission
Server/FTP ...)
-	TODO: check
+	NOT-FOR-US: Hitachi JP1/File Transmission Server/FTP
 CVE-2007-6144 (Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX
control ...)
-	TODO: check
+	NOT-FOR-US: Xunlei Thunder
 CVE-2007-6143 (SQL injection vulnerability in default.asp (aka the Login Page)
in VU ...)
-	TODO: check
+	NOT-FOR-US: VU Case Manager
 CVE-2007-6142 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk
just ...)
-	TODO: check
+	NOT-FOR-US: JAF CMS
 CVE-2007-6141 (Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube
1.1 ...)
-	TODO: check
+	NOT-FOR-US: vBTube
 CVE-2007-6140 (Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow
remote ...)
-	TODO: check
+	NOT-FOR-US: Dora Emlak
 CVE-2007-6139 (PHP remote file inclusion vulnerability in index.php in Mp3
ToolBox ...)
-	TODO: check
+	NOT-FOR-US: Mp3 ToolBox
 CVE-2007-6138 (SQL injection vulnerability in redir.asp in VU Mass Mailer
allows ...)
-	TODO: check
+	NOT-FOR-US: VU Mass Mailer
 CVE-2007-6137 (SQL injection vulnerability in news.php in Content Injector 1.52
...)
-	TODO: check
+	NOT-FOR-US: Content Injector
 CVE-2007-6136 (Multiplce cross-site scripting (XSS) vulnerabilities in
index.php in ...)
-	TODO: check
+	NOT-FOR-US: M2Scripts MySpace Scripts
 CVE-2007-6135 (Cross-site scripting (XSS) vulnerability in phpslideshow.php in
...)
-	TODO: check
+	NOT-FOR-US: PHPSlideShow
 CVE-2007-6134 (SQL injection vulnerability in pkinc/public/article.php in
PHPKIT ...)
-	TODO: check
+	NOT-FOR-US: PHPKIT
 CVE-2007-6133 (PHP remote file inclusion vulnerability in
admin/kfm/initialise.php in ...)
 	TODO: check
 CVE-2007-XXXX [zabbix-agent runs as gid 0]
Secure testing commits - Dec 2007 - r7458 - data/CVE

[Secure-testing-commits] r7458 - data/CVE
