joeyh at alioth.debian.org
2007-Jul-26 21:14 UTC
[Secure-testing-commits] r6179 - data/CVE
Author: joeyh
Date: 2007-07-26 21:14:07 +0000 (Thu, 26 Jul 2007)
New Revision: 6179
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-07-26 21:02:44 UTC (rev 6178)
+++ data/CVE/list 2007-07-26 21:14:07 UTC (rev 6179)
@@ -1,3 +1,304 @@
+CVE-2007-5645
+ REJECTED
+ TODO: check
+CVE-2007-4018 (Citrix Access Gateway Advanced Edition before firmware 4.5.5
allows ...)
+ TODO: check
+CVE-2007-4017 (Cross-site request forgery (CSRF) vulnerability in the web-based
...)
+ TODO: check
+CVE-2007-4016 (Unspecified vulnerability in the client components in Citrix
Access ...)
+ TODO: check
+CVE-2007-4015 (Citrix Access Gateway Advanced Edition before 4.5 HF1 allows
attackers ...)
+ TODO: check
+CVE-2007-4014 (Cross-site scripting (XSS) vulnerability in a certain index.php
...)
+ TODO: check
+CVE-2007-4013 (Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka
...)
+ TODO: check
+CVE-2007-4012 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750
...)
+ TODO: check
+CVE-2007-4011 (Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750
...)
+ TODO: check
+CVE-2007-4010 (The win32std extension in PHP 5.2.3 does not follow safe_mode
and ...)
+ TODO: check
+CVE-2007-4009 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-4008 (Directory traversal vulnerability in custom.php in Entertainment
CMS ...)
+ TODO: check
+CVE-2007-4007 (PHP remote file inclusion vulnerability in index.php in Article
...)
+ TODO: check
+CVE-2007-4006 (Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has
...)
+ TODO: check
+CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon
(rshd) ...)
+ TODO: check
+CVE-2007-4004
+ RESERVED
+CVE-2007-4003
+ RESERVED
+CVE-2007-4002
+ RESERVED
+CVE-2007-4001
+ RESERVED
+CVE-2007-4000
+ RESERVED
+CVE-2007-3999
+ RESERVED
+CVE-2007-3998
+ RESERVED
+CVE-2007-3997
+ RESERVED
+CVE-2007-3996
+ RESERVED
+CVE-2007-3995
+ RESERVED
+CVE-2007-3994
+ RESERVED
+CVE-2007-3993 (Unspecified vulnerability in the attachment filter in Kerio
MailServer ...)
+ TODO: check
+CVE-2007-3992 (SQL injection vulnerability in vir_login.asp in iExpress
Property Pro ...)
+ TODO: check
+CVE-2007-3991 (Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in
Asp ...)
+ TODO: check
+CVE-2007-3990 (SQL injection vulnerability in default.asp in Dora Emlak 1.0,
when the ...)
+ TODO: check
+CVE-2007-3989 (Multiple cross-site scripting (XSS) vulnerabilities in
default.asp in ...)
+ TODO: check
+CVE-2007-3988 (Session fixation vulnerability in Virtual Hosting Control System
...)
+ TODO: check
+CVE-2007-3987 (SQL injection vulnerability in SearchResults.asp in ImageRacer
1.0, ...)
+ TODO: check
+CVE-2007-3986 (file.cgi in Secure Computing SecurityReporter (aka Network
Security ...)
+ TODO: check
+CVE-2007-3985 (Directory traversal vulnerability in file.cgi in Secure
Computing ...)
+ TODO: check
+CVE-2007-3984 (Buffer overflow in a certain ActiveX control in the
NixonMyPrograms ...)
+ TODO: check
+CVE-2007-3983 (Absolute path traversal vulnerability in the Data Dynamics ...)
+ TODO: check
+CVE-2007-3982 (Absolute path traversal vulnerability in the Data Dynamics ...)
+ TODO: check
+CVE-2007-3981 (SQL injection vulnerability in index.php in WSN Links Basic
Edition ...)
+ TODO: check
+CVE-2007-3980 (PHP remote file inclusion vulnerability in page.php in RCMS Pro
...)
+ TODO: check
+CVE-2007-3979 (SQL injection vulnerability in index.php in BlogSite
Professional (aka ...)
+ TODO: check
+CVE-2007-3978 (Session fixation vulnerability in bwired allows remote attackers
to ...)
+ TODO: check
+CVE-2007-3977 (Cross-site scripting (XSS) vulnerability in bwired allows remote
...)
+ TODO: check
+CVE-2007-3976 (SQL injection vulnerability in index.php in bwired allows remote
...)
+ TODO: check
+CVE-2007-3975 (Cross-site scripting (XSS) vulnerability in index.php in Elite
Forum ...)
+ TODO: check
+CVE-2007-3974 (admin/ajoutaut.php in JBlog 1.0 does not require authentication,
which ...)
+ TODO: check
+CVE-2007-3973 (Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0
allow ...)
+ TODO: check
+CVE-2007-3972 (ESET NOD32 Antivirus before 2.2289 allows remote attackers to
cause a ...)
+ TODO: check
+CVE-2007-3971 (Integer overflow in ESET NOD32 Antivirus before 2.2289 allows
remote ...)
+ TODO: check
+CVE-2007-3970 (Race condition in ESET NOD32 Antivirus before 2.2289 allows
remote ...)
+ TODO: check
+CVE-2007-3969 (Buffer overflow in Panda Antivirus before 20070720 allows remote
...)
+ TODO: check
+CVE-2007-3968 (index.php in dirLIST before 0.1.1 allows remote attackers to
list the ...)
+ TODO: check
+CVE-2007-3967 (Directory traversal vulnerability in index.php in PHP Directory
Lister ...)
+ TODO: check
+CVE-2007-3966 (SQL injection vulnerability in Munch Pro allows remote attackers
to ...)
+ TODO: check
+CVE-2007-3965 (Unspecified vulnerability in uFMOD before 1.2.5 has unknown
impact and ...)
+ TODO: check
+CVE-2007-3964 (Itaka before 0.2.1, when using Authentication mode, allows
remote ...)
+ TODO: check
+CVE-2007-3963 (Multiple cross-site scripting (XSS) vulnerabilities in UseBB
1.0.7, ...)
+ TODO: check
+CVE-2007-3962 (Multiple stack-based buffer overflows in fsplib.c in fsplib
before 0.9 ...)
+ TODO: check
+CVE-2007-3961 (Off-by-one error in the fsp_readdir_r function in fsplib.c in
fsplib ...)
+ TODO: check
+CVE-2007-3960 (Multiple unspecified vulnerabilities in IBM WebSphere
Application ...)
+ TODO: check
+CVE-2007-3959 (The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably
earlier ...)
+ TODO: check
+CVE-2007-3958 (Microsoft Windows Explorer (explorer.exe) allows user-assisted
remote ...)
+ TODO: check
+CVE-2007-3957 (Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote
...)
+ TODO: check
+CVE-2007-3956 (TeamSpeak WebServer 2.0 for Windows does not validate parameter
value ...)
+ TODO: check
+CVE-2007-3955 (Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control
in ...)
+ TODO: check
+CVE-2007-3954 (Argument injection vulnerability in Microsoft Internet Explorer,
when ...)
+ TODO: check
+CVE-2007-3953 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows
remote ...)
+ TODO: check
+CVE-2007-3952 (The OLE2 parsing in Norman Antivirus before 5.91.02 allows
remote ...)
+ TODO: check
+CVE-2007-3951 (Multiple buffer overflows in Norman Antivirus 5.90 allow remote
...)
+ TODO: check
+CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote
attackers ...)
+ TODO: check
+CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash)
characters ...)
+ TODO: check
+CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more
connections ...)
+ TODO: check
+CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a
denial ...)
+ TODO: check
+CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote
...)
+ TODO: check
+CVE-2007-3945 (Rule Set Based Access Control (RSBAC) before 1.3.5 does not
properly ...)
+ TODO: check
+CVE-2007-3944 (Unspecified vulnerability in Safari (MobileSafari) on the Apple
iPhone ...)
+ TODO: check
+CVE-2007-3943 (SQL injection vulnerability in Infinite Responder before 1.48
allows ...)
+ TODO: check
+CVE-2007-3942 (** DISPUTED ** ...)
+ TODO: check
+CVE-2007-3941 (Cross-site scripting (XSS) vulnerability in profile.php in
Jasmine CMS ...)
+ TODO: check
+CVE-2007-3940 (Cross-site scripting (XSS) vulnerability in default.asp in
QuickerSite ...)
+ TODO: check
+CVE-2007-3939 (SQL injection vulnerability in index.php in SpoonLabs Vivvo
Article ...)
+ TODO: check
+CVE-2007-3938 (SQL injection vulnerability in index.php in MAXdev MDPro
(MD-Pro) ...)
+ TODO: check
+CVE-2007-3937 (Multiple SQL injection vulnerabilities in A-shop 0.70 and
earlier ...)
+ TODO: check
+CVE-2007-3936 (Directory traversal vulnerability in admin/filebrowser.asp in
A-shop ...)
+ TODO: check
+CVE-2007-3935 (PHP remote file inclusion vulnerability in link_main.php in the
...)
+ TODO: check
+CVE-2007-3934 (PHP remote file inclusion vulnerability in
postscript/postscript.php ...)
+ TODO: check
+CVE-2007-3933 (SQL injection vulnerability in insertorder.cfm in QuickEStore
8.2 and ...)
+ TODO: check
+CVE-2007-3932 (uploadimg.php in the Expose RC35 and earlier (com_expose)
component ...)
+ TODO: check
+CVE-2007-3931 (The wrap_setuid_third_party_application function in the
installation ...)
+ TODO: check
+CVE-2007-3930 (Interpretation conflict between Microsoft Internet Explorer and
...)
+ TODO: check
+CVE-2007-3929 (Use-after-free vulnerability in the BitTorrent support in Opera
before ...)
+ TODO: check
+CVE-2007-3928 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted
remote ...)
+ TODO: check
+CVE-2007-3927 (Multiple buffer overflows in Ipswitch IMail Server 2006 before
2006.21 ...)
+ TODO: check
+CVE-2007-3926 (Ipswitch IMail Server 2006 before 2006.21 allows remote
attackers to ...)
+ TODO: check
+CVE-2007-3925 (Multiple buffer overflows in the IMAP service (imapd32.exe) in
...)
+ TODO: check
+CVE-2007-3924 (Argument injection vulnerability in Microsoft Internet Explorer,
when ...)
+ TODO: check
+CVE-2007-3923 (The Common Internet File System (CIFS) optimization in Cisco
Wide Area ...)
+ TODO: check
+CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE)
Applet ...)
+ TODO: check
+CVE-2007-3921
+ RESERVED
+CVE-2007-3920
+ RESERVED
+CVE-2007-3919
+ RESERVED
+CVE-2007-3918
+ RESERVED
+CVE-2007-3917
+ RESERVED
+CVE-2007-3916
+ RESERVED
+CVE-2007-3915
+ RESERVED
+CVE-2007-3914
+ RESERVED
+CVE-2007-3913
+ RESERVED
+CVE-2007-3912
+ RESERVED
+CVE-2007-3911
+ RESERVED
+CVE-2007-3910 (Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4
allows ...)
+ TODO: check
+CVE-2007-3909 (Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow
...)
+ TODO: check
+CVE-2007-3908 (Unspecified vulnerability in HP ServiceGuard for Linux for Red
Hat ...)
+ TODO: check
+CVE-2007-3907 (Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through
1.2.6 ...)
+ TODO: check
+CVE-2007-3906 (Unspecified vulnerability in Kaspersky Anti-Virus for Check
Point ...)
+ TODO: check
+CVE-2007-3905 (SQL injection vulnerability in Zoph before 0.7.0.1 might allow
remote ...)
+ TODO: check
+CVE-2007-3904
+ RESERVED
+CVE-2007-3903
+ RESERVED
+CVE-2007-3902
+ RESERVED
+CVE-2007-3901
+ RESERVED
+CVE-2007-3900
+ RESERVED
+CVE-2007-3899
+ RESERVED
+CVE-2007-3898
+ RESERVED
+CVE-2007-3897
+ RESERVED
+CVE-2007-3896
+ RESERVED
+CVE-2007-3895
+ RESERVED
+CVE-2007-3894
+ RESERVED
+CVE-2007-3893
+ RESERVED
+CVE-2007-3892
+ RESERVED
+CVE-2007-3891
+ RESERVED
+CVE-2007-3890
+ RESERVED
+CVE-2007-3889 (Multiple SQL injection vulnerabilities in Insanely Simple Blog
0.5 and ...)
+ TODO: check
+CVE-2007-3888 (Multiple cross-site scripting (XSS) vulnerabilities in Insanely
Simple ...)
+ TODO: check
+CVE-2007-3887 (Multiple cross-site scripting (XSS) vulnerabilities in
mesaj_formu.asp ...)
+ TODO: check
+CVE-2007-3886 (Cross-site scripting (XSS) vulnerability in default.asp in
Element CMS ...)
+ TODO: check
+CVE-2007-3885 (Cross-site scripting (XSS) vulnerability in philboard_search.asp
in ...)
+ TODO: check
+CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in
husrevforum ...)
+ TODO: check
+CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.1
and ...)
+ TODO: check
+CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor
allows ...)
+ TODO: check
+CVE-2007-3881 (SQL injection vulnerability in index.php in Pictures Rating
(Picture ...)
+ TODO: check
+CVE-2007-3880
+ RESERVED
+CVE-2007-3879
+ RESERVED
+CVE-2007-3878
+ RESERVED
+CVE-2007-3877
+ RESERVED
+CVE-2007-3876
+ RESERVED
+CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust
Antivirus) ...)
+ TODO: check
+CVE-2007-3874
+ RESERVED
+CVE-2007-3873
+ RESERVED
+CVE-2007-3872
+ RESERVED
+CVE-2007-3871
+ RESERVED
+CVE-2006-7221 (Multiple off-by-one errors in fsplib.c in fsplib before 0.8
allow ...)
+ TODO: check
CVE-2007-XXXX [asterisk DoS in IAX2 channel driver]
- asterisk 1:1.4.9~dfsg-1
NOTE: ASA-2007-018
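Review bot: The first added entry, CVE-2007-5645, is marked REJECTED but still carries `TODO: check`, whereas the RESERVED entries added further down in this hunk get no TODO. Its number also sits far above the next entry, CVE-2007-4018. Confirm the ID against the upstream feed and drop the TODO if the rejection is final. At the bottom of the added block, CVE-2006-7221 lands between CVE-2007-3871 and the CVE-2007-XXXX asterisk entry, which breaks the descending order seen in the rest of the diff; it belongs with the other CVE-2006 entries.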
@@ -27,7 +328,7 @@
TODO: check
CVE-2007-3859 (Unspecified vulnerability in the Oracle Internet Directory
component ...)
TODO: check
-CVE-2007-3858 (Multiple unspecified vulnerabilities in in Oracle Database
10.2.0.3 ...)
+CVE-2007-3858 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3
allow ...)
TODO: check
CVE-2007-3857 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5
allow ...)
TODO: check
@@ -93,8 +394,8 @@
TODO: check
CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote
...)
TODO: check
-CVE-2007-3825
- RESERVED
+CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation
in ...)
+ TODO: check
CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr)
allows ...)
TODO: check
CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0
allows ...)
@@ -413,8 +714,8 @@
TODO: check
CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in
libodm ...)
TODO: check
-CVE-2007-3679
- RESERVED
+CVE-2007-3679 (The Citrix EPA ActiveX control (aka the "endpoint
checking control" or ...)
+ TODO: check
CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension
(Word ...)
TODO: check
CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst
allow ...)
@@ -716,8 +1017,8 @@
TODO: check
CVE-2007-3532
RESERVED
-CVE-2007-3531
- RESERVED
+CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia
NVClock ...)
+ TODO: check
CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and
...)
TODO: check
CVE-2007-3529 (videos.php in PHPDirector 0.21 and earlier allows remote
attackers to ...)
@@ -1091,8 +1392,7 @@
RESERVED
CVE-2007-3384
RESERVED
-CVE-2007-3383 [XSS in Tomcat send mail example]
- RESERVED
+CVE-2007-3383 (Cross-site scripting (XSS) vulnerability in SendMailServlet in
the ...)
- tomcat4 <removed> (low)
[sarge] - tomcat4 <no-dsa> (minor issue)
NOTE: affects example app in tomcat4-webapps
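Review bot: The replacement for CVE-2007-3383 drops the working title `[XSS in Tomcat send mail example]` and the RESERVED marker without adding `TODO: check`, so the existing `tomcat4` triage is carried over unreviewed. Now that the published text names SendMailServlet, recheck the package lines and the `NOTE: affects example app in tomcat4-webapps` against the full description.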
@@ -1100,8 +1400,8 @@
RESERVED
CVE-2007-3381
RESERVED
-CVE-2007-3380
- RESERVED
+CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for
Linux ...)
+ TODO: check
CVE-2007-3379
RESERVED
CVE-2007-3378 (The (1) session_save_path and (2) ini_set functions in PHP 4.4.7
and ...)
@@ -1293,7 +1593,7 @@
NOT-FOR-US: MiniBill
CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x
before ...)
NOT-FOR-US: Cerulean Studios Trillian
-CVE-2007-3304 (Apache httpd 1.3.37, and 2.2.4 with the Prefork MPM module,
allows ...)
+CVE-2007-3304 (Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM
module, ...)
- apache <removed> (low)
[etch] - apache <unfixed> (low)
[sarge] - apache <unfixed> (low)
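Review bot: The new description on the `+` line adds 2.0.59 to the affected Apache httpd versions, but the package lines visible below it track only `apache`. The neighbouring CVE-2007-3303 entry records `- apache2 <unfixed>`; check that CVE-2007-3304 has a matching `apache2` line beyond the context shown, and add one if it does not.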
@@ -1303,8 +1603,8 @@
CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module,
allows ...)
- apache2 <unfixed> (unimportant)
NOTE: If you can execute arbitrary code, a DoS is not a problem.
-CVE-2007-3302
- RESERVED
+CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713,
and ...)
+ TODO: check
CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm
in ...)
NOT-FOR-US: FuseTalk
CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and
Linux ...)
@@ -1375,8 +1675,8 @@
NOT-FOR-US: phpMyInventory
CVE-2007-3269 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo
Light 3.6 ...)
NOT-FOR-US: Papoo Light
-CVE-2007-3268
- RESERVED
+CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for
OS ...)
+ TODO: check
CVE-2007-3267 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime
Forum ...)
NOT-FOR-US: Fuzzylime Forum
CVE-2007-3266 (Directory traversal vulnerability in webif.cgi in ifnet WEBIF
allows ...)
@@ -1941,8 +2241,8 @@
NOT-FOR-US: Microsoft
CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7
allows ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2007-3026
- RESERVED
+CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote
attackers ...)
+ TODO: check
CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV
before ...)
- clamav <not-affected> (Solaris-specific bug)
CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before
0.91rc1 ...)
@@ -2112,8 +2412,8 @@
RESERVED
CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in
KVIrc ...)
- kvirc <unfixed> (bug #434419; medium)
-CVE-2007-2950
- RESERVED
+CVE-2007-2950 (Centennial Discovery 2006 Feature Pack 1, which is used by (1)
Numara ...)
+ TODO: check
CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in
the ...)
{DSA-1335-1}
- gimp 2.2.16-1 (medium)
@@ -2164,10 +2464,10 @@
RESERVED
CVE-2007-2927
RESERVED
-CVE-2007-2926
- RESERVED
-CVE-2007-2925
- RESERVED
+CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator
during ...)
+ TODO: check
+CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1,
and ...)
+ TODO: check
CVE-2007-2924 (Multiple buffer overflows in RealNetworks GameHouse dldisplay
ActiveX ...)
NOT-FOR-US: RealNetworks GameHouse
CVE-2007-2923 (The launch method in the LocalExec ActiveX control
(LocalExec.ocx) in ...)
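Review bot: CVE-2007-2926 and CVE-2007-2925 move from RESERVED to published descriptions naming ISC BIND 9, and both are left at `TODO: check` like every other new entry. Unlike the `NOT-FOR-US` neighbours in this hunk, these describe a DNS server rather than a Windows ActiveX control, so they should get package lines with a status instead of waiting in the bulk queue.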
@@ -5058,7 +5358,7 @@
NOT-FOR-US: IBM Lotus Domino
CVE-2007-1674 (Stack-based buffer overflow in the Alert Service (aolnsrvr.exe)
in ...)
NOT-FOR-US: LANDesk Management Suite
-CVE-2007-1673 (unzoo.c allows remote attackers to cause a denial of service
(infinite ...)
+CVE-2007-1673 (unzoo.c, as used in multiple products including AMaViS 2.4.1 and
...)
[sarge] - zoo <no-dsa> (Minor issue)
[etch] - zoo <no-dsa> (Minor issue)
- zoo 2.10-19 (bug #424686)
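Review bot: The updated CVE-2007-1673 description says unzoo.c is used in multiple products including AMaViS 2.4.1, yet the package lines below it still cover only `zoo`. Check whether any other source package ships a copy of unzoo.c and add lines for those that do.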
@@ -5071,7 +5371,7 @@
NOT-FOR-US: Avira
CVE-2007-1670 (Panda Software Antivirus before 20070402 allows remote attackers
to ...)
NOT-FOR-US: Panda
-CVE-2007-1669 (Barracuda Spam Firewall 3.4 and later with virusdef before
2.0.6399, ...)
+CVE-2007-1669 (zoo decoder 2.10 (zoo-2.10), as used in multiple products
including ...)
NOT-FOR-US: Barracuda
CVE-2007-1668
RESERVED
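Review bot: The new CVE-2007-1669 description is about zoo decoder 2.10 (zoo-2.10) as used in multiple products, but the line under it still reads `NOT-FOR-US: Barracuda`, which matched only the old Barracuda Spam Firewall wording. Replace it with a `zoo` package line or `TODO: check`; the previous hunk shows `zoo` being tracked for CVE-2007-1673.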
@@ -8846,11 +9146,11 @@
NOT-FOR-US: Oracle
CVE-2007-0273 (Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8,
...)
NOT-FOR-US: Oracle
-CVE-2007-0272 (Unspecified vulnerability in Oracle Database 8.1.7.4, 9.0.1.5,
...)
+CVE-2007-0272 (Multiple buffer overflows in MDSYS.MD in Oracle Database
8.1.7.4, ...)
NOT-FOR-US: Oracle
CVE-2007-0271 (Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7
has ...)
NOT-FOR-US: Oracle
-CVE-2007-0270 (Unspecified vulnerability in Oracle Database 9.2.0.7 and
10.1.0.4 has ...)
+CVE-2007-0270 (Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and
...)
NOT-FOR-US: Oracle
CVE-2007-0269 (Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5,
and ...)
NOT-FOR-US: Oracle
@@ -9405,8 +9705,8 @@
RESERVED
CVE-2007-0061
RESERVED
-CVE-2007-0060
- RESERVED
+CVE-2007-0060 (Stack-based buffer overflow in the Message Queuing Server
(Cam.exe) in ...)
+ TODO: check
CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3
...)
NOT-FOR-US: Apple Quicktime
CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through
3.6.1.1 ...)
@@ -15715,8 +16015,8 @@
NOT-FOR-US: Novell eDirectory
CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly
enforce ...)
NOT-FOR-US: SmartLine DeviceLock
-CVE-2006-4183
- RESERVED
+CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February
2006) ...)
+ TODO: check
CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions
...)
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)
@@ -28713,7 +29013,7 @@
NOTE: May have been fixed earlier, 2.99.51 was never uploaded to Debian.
CVE-2002-2197 (Unknown vulnerability in Sun Solaris 8.0 allows local users to
cause a ...)
NOT-FOR-US: Solaris
-CVE-2002-2196 (Samba 2.2.5 and earlier does not properly terminate the ...)
+CVE-2002-2196 (Samba before 2.2.5 does not properly terminate the ...)
- samba 2.2.5 (high)
CVE-2002-2195 (Buffer overflow in the version update check for Winamp 2.80 and
...)
NOT-FOR-US: Winamp