Author: nion Date: 2007-12-15 14:56:34 +0000 (Sat, 15 Dec 2007) New Revision: 7623 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-15 09:14:09 UTC (rev 7622) +++ data/CVE/list 2007-12-15 14:56:34 UTC (rev 7623) @@ -33,17 +33,17 @@ CVE-2007-6348 [SquirrelMail package compromise] - squirrelmail <not-affected> (Compromised packages were never in Debian) CVE-2007-6347 (PHP remote file inclusion vulnerability in blocks/block_site_map.php ...) - TODO: check + NOT-FOR-US: ViArt, CMS, HelpDesk, Shop Evaluation, Shop Free CVE-2007-6346 (Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 ...) - TODO: check + NOT-FOR-US: Rainboard CVE-2007-6345 (SQL injection vulnerability in aurora framework before 20071208 allows ...) - TODO: check + NOT-FOR-US: aurora CVE-2007-6344 (Directory traversal vulnerability in modules/cms/index.php in Mcms ...) - TODO: check + NOT-FOR-US: Mcms Easy Web Make CVE-2007-6343 (Cross-site scripting (XSS) vulnerability in HP OpenView Network Node ...) - TODO: check + NOT-FOR-US: HP OpenView Network Node Manager CVE-2007-6342 (SQL injection vulnerability in the David Castro AuthCAS module ...) - TODO: check + NOT-FOR-US: Apache AuthCAS module CVE-2007-6341 RESERVED CVE-2007-6340 @@ -61,29 +61,29 @@ CVE-2007-6334 RESERVED CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...) - TODO: check + NOT-FOR-US: HP Info Center / HP Quick Launch Buttons CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as ...) - TODO: check + NOT-FOR-US: HP Info Center HP Quick Launch Buttons CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ...) - TODO: check + NOT-FOR-US: HP Info Center / HP Quick Launch Buttons CVE-2007-6330 (Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames ...) - TODO: check + NOT-FOR-US: Meridian Prolog Manager CVE-2007-6329 (Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2007-6328 (** DISPUTED ** ...) TODO: check CVE-2007-6327 (Buffer overflow in a certain ActiveX control in Online Media ...) - TODO: check + NOT-FOR-US: Online Media Technologies CVE-2007-6326 (Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote ...) - TODO: check + NOT-FOR-US: Simple HTTPD CVE-2007-6325 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Fastpublish CVE-2007-6324 (PHP remote file inclusion vulnerability in head.php in CityWriter ...) - TODO: check + NOT-FOR-US: CityWriter CVE-2007-6323 (Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 ...) - TODO: check + NOT-FOR-US: MMS Gallery PHP CVE-2007-6322 (Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 ...) - TODO: check + NOT-FOR-US: xml2owl CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does ...) NOT-FOR-US: Feature (third party drupal module) CVE-2007-6319 @@ -341,7 +341,7 @@ - serendipity 1.2.1-1 (low) [etch] - serendipity <no-dsa> (Can only be exploited in rare conditions) CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2007-6203 (Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method ...) - apache2 2.2.6-3 (low) [sarge] - apache2 <no-dsa> (minor issue)