Author: nion Date: 2007-11-14 11:55:52 +0000 (Wed, 14 Nov 2007) New Revision: 7298 Modified: data/CVE/list Log: NFU CVE-2007-5922 ircii-pana not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-14 11:24:26 UTC (rev 7297) +++ data/CVE/list 2007-11-14 11:55:52 UTC (rev 7298) @@ -15,39 +15,40 @@ CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...) - mysql-dfsg-5.0 <unfixed> (medium; bug #451235) CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...) - TODO: check + NOT-FOR-US: IBM Lotus Domino CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...) - TODO: check + NOT-FOR-US: eTrust SiteMinder Agent CVE-2007-5922 (The modules/mdop.m in the Cypress 1.0k script for BitchX, as ...) - TODO: check + - ircii-pana <not-affected> (Does not ship this script) CVE-2007-5921 (Unspecified vulnerability in the ioctl interface in the Solaris Volume ...) - TODO: check + NOT-FOR-US: Solaris CVE-2007-5920 (index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote ...) - TODO: check + NOT-FOR-US: Domenico Mancini PicoFlat CMS CVE-2007-5919 (MyWebFTP stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: MyWebFTP CVE-2007-5918 (Cross-site request forgery (CSRF) vulnerability in edit.php in the MS ...) - TODO: check + NOT-FOR-US: MS TopSites CVE-2007-5917 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: Skalinks CVE-2007-5916 (SQL injection vulnerability in the login page in phphelpdesk 0.6.16 ...) - TODO: check + NOT-FOR-US: phphelpdesk CVE-2007-5915 (Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 ...) - TODO: check + NOT-FOR-US: phphelpdesk CVE-2007-5914 (Direct static code injection vulnerability in ...) - TODO: check + NOT-FOR-US: JBC Explorer CVE-2007-5913 (dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not ...) - TODO: check + NOT-FOR-US: JBC Explorer CVE-2007-5912 (SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote ...) - TODO: check + NOT-FOR-US: jPORTAL CVE-2007-5911 (Multiple stack-based buffer overflows in the AxMetaStream ActiveX ...) - TODO: check + NOT-FOR-US: Viewpoint Media Player CVE-2007-5910 (Stack-based buffer overflow in Autonomy (formerly Verity) KeyView ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...) TODO: check + NOTE: how can a user specify clocksource name values? CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...) TODO: check CVE-2007-5906 (Xen 3.1.1 allows virtual guest system users to cause a denial of ...)