joeyh at alioth.debian.org
2007-Dec-26 21:14 UTC
[Secure-testing-commits] r7728 - data/CVE
Author: joeyh Date: 2007-12-26 21:14:09 +0000 (Wed, 26 Dec 2007) New Revision: 7728 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-26 15:51:00 UTC (rev 7727) +++ data/CVE/list 2007-12-26 21:14:09 UTC (rev 7728) @@ -1,3 +1,19 @@ +CVE-2007-6524 (Opera before 9.25 allows remote attackers to obtain potentially ...) + TODO: check +CVE-2007-6523 (Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before ...) + TODO: check +CVE-2007-6522 (The rich text editing functionality in Opera before 9.25 allows remote ...) + TODO: check +CVE-2007-6521 (Unspecified vulnerability in Opera before 9.25 allows remote attackers ...) + TODO: check +CVE-2007-6520 (Opera before 9.25 allows remote attackers to conduct cross-domain ...) + TODO: check +CVE-2007-6519 (Unspecified vulnerability in the File-on-File Mounting File System ...) + TODO: check +CVE-2007-6518 (Multiple SQL injection vulnerabilities in search.php in WoltLab ...) + TODO: check +CVE-2007-6517 (SQL injection vulnerability in the forget password section ...) + TODO: check CVE-2007-XXXX [remote buffer overflow in tcpreen] - tcpreen 1.4.3-0.3 (medium; bug #457781) NOTE: CVE id pending @@ -153,9 +169,11 @@ CVE-2007-6452 (Unspecified vulnerability in the benchmark reporting system in Google ...) - gwt <itp> (bug #402841) CVE-2007-6451 (Unspecified vulnerability in the CIP dissector in Wireshark (formerly ...) + {DTSA-104-1} - wireshark 0.99.7-1 - ethereal <removed> CVE-2007-6450 (The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 ...) + {DTSA-104-1} - wireshark 0.99.7-1 - ethereal <removed> CVE-2007-6449 
@@ -175,20 +193,24 @@ CVE-2007-6442 REJECTED CVE-2007-6441 (The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows ...) + {DTSA-104-1} - wireshark 0.99.7-1 [sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6) [etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6) CVE-2007-6440 REJECTED CVE-2007-6439 (Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause ...) + {DTSA-104-1} - wireshark 0.99.7-1 [sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6) [etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6) CVE-2007-6438 (Unspecified vulnerability in the SMB dissector in Wireshark (formerly ...) + {DTSA-104-1} - wireshark 0.99.7-1 [sarge] - ethereal <not-affected> (vulnerable code introduced in 0.99.6) [etch] - wireshark <not-affected> (vulnerable code introduced in 0.99.6) CVE-2007-6437 (Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows ...) + {DTSA-105-1} - syslog-ng 2.0.6-1 (low; bug #457334) CVE-2003-1538 (susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and ...) NOT-FOR-US: predating security tracker @@ -238,8 +260,8 @@ RESERVED CVE-2007-6420 RESERVED -CVE-2007-6419 - RESERVED +CVE-2007-6419 (Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, ...) + TODO: check CVE-2007-6417 (The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...) {DSA-1436-1} - linux-2.6 2.6.23-2 @@ -304,6 +326,7 @@ CVE-2007-6388 RESERVED CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local users ...) + {DSA-1437-1} - cupsys 1.3.5-1 (low; bug #456960) [sarge] - cupsys <no-dsa> (Minor issue) NOTE: the debian package is a bit confusing here as it also ships a pdftops 
@@ -1671,6 +1694,7 @@ CVE-2007-5850 (Heap-based buffer overflow in Desktop Services in Apple Mac OS X ...) NOT-FOR-US: Desktop Services (Apple Mac OS X) CVE-2007-5849 (Integer underflow in the asn1_get_string function in the SNMP back end ...) + {DSA-1437-1} - cupsys 1.3.5-1 (medium; bug #457453) [sarge] - cupsys <not-affected> (Vulnerable code not present) CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin ...)
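Review bot: In the hunk at @@ -1,3 +1,19 @@, all eight new entries (CVE-2007-6517 through CVE-2007-6524) land as TODO: check with truncated descriptions, so none of them yet names a Debian source package or a disposition. Five of them (CVE-2007-6520 to CVE-2007-6524) describe Opera and can be triaged as a group. Entries for software that Debian does not ship should get the NOT-FOR-US form already used further down in this file instead of staying in the TODO queue.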
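Review bot: In the hunk at @@ -153,9 +169,11 @@, CVE-2007-6450 gains {DTSA-104-1} but the entry still has no [sarge] or [etch] line, although its description gives the affected range as 0.9.8 to 0.99.6. The Wireshark entries in the following hunk state the stable status explicitly (<not-affected>, vulnerable code introduced in 0.99.6). Adding the equivalent per-release lines here, and for CVE-2007-6451, would make clear whether the stable releases still need a fix.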
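Review bot: In the hunk at @@ -238,8 +260,8 @@, CVE-2007-6419 moves from RESERVED to a description of rpc.yppasswdd in HP HP-UX and is left at TODO: check. If the issue is confined to HP-UX, close it with a NOT-FOR-US line naming the component, as the file does for Desktop Services (Apple Mac OS X), so it does not linger as open triage work.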
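Review bot: In the hunk at @@ -304,6 +326,7 @@, {DSA-1437-1} is attached to CVE-2007-6358 while the only per-release line visible is [sarge] - cupsys <no-dsa> (Minor issue), so the entry does not say which release the advisory covers. A per-release line carrying the version fixed by the DSA would remove the ambiguity. The same applies to CVE-2007-5849 in the last hunk, where only the [sarge] <not-affected> line is present next to the new DSA reference.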