Author: fw Date: 2007-06-16 09:51:35 +0000 (Sat, 16 Jun 2007) New Revision: 6006 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-16 09:50:54 UTC (rev 6005) +++ data/CVE/list 2007-06-16 09:51:35 UTC (rev 6006) @@ -70,19 +70,19 @@ - glpi <unfixed> (bug #429192) - wordpress <unfixed> (bug #429194) CVE-2007-3214 (SQL injection vulnerability in style.php in e-Vision CMS 2.02 and ...) - TODO: check + NOT-FOR-US: e-Vision CMS CVE-2007-3213 (Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in ...) - TODO: check + NOT-FOR-US: Sporum Forum CVE-2007-3212 (Multiple cross-site scripting (XSS) vulnerabilities in links.php in ...) - TODO: check + NOT-FOR-US: Beehive Forum CVE-2007-3211 (Cross-site scripting (XSS) vulnerability in 404.php in Domain ...) - TODO: check + NOT-FOR-US: Domain Technologie Control (DTC) CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens ...) - TODO: check + NOT-FOR-US: Cellosoft Tokens Object CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses ...) - mail-notification <unfixed> (low; bug #429200) CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 ...) - TODO: check + NOT-FOR-US: YaBB CVE-2007-3207 RESERVED CVE-2007-3206 @@ -91,47 +91,47 @@ - php4 <unfixed> (low) - php5 <unfixed> (low) CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...) - TODO: check + NOT-FOR-US: Just For Fun Network Management System (JFFNMS) CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...) - TODO: check + NOT-FOR-US: 602Pro LAN SUITE CVE-2007-3202 (Cross-site scripting (XSS) vulnerability in the rich text editor in ...) - TODO: check + NOT-FOR-US: Webwiz CVE-2007-3201 (Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 ...) - TODO: check + NOT-FOR-US: Windows Privacy Tray (WinPT) CVE-2007-3200 (NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and ...) - TODO: check + NOT-FOR-US: Novell CVE-2007-3199 (Unrestricted file upload vulnerability in Link Request Contact Form ...) - TODO: check + NOT-FOR-US: Link Request Contact Form CVE-2007-3198 (Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP ...) - TODO: check + NOT-FOR-US: Maran PHP Blog CVE-2007-3197 (SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before ...) - TODO: check + NOT-FOR-US: vBulletin CVE-2007-3196 (SQL injection vulnerability in vBSupport.php in vSupport Integrated ...) - TODO: check + NOT-FOR-US: VBulletin CVE-2007-3195 (Cross-site scripting (XSS) vulnerability in index.php in ERFAN WIKI ...) - TODO: check + NOT-FOR-US: ERFAN WIKI CVE-2007-3194 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: myBloggie CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...) - phpwiki <unfixed> (low; bug #429201) CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...) - TODO: check + NOT-FOR-US: Just For Fun Network Management System (JFFNMS) CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...) - TODO: check + NOT-FOR-US: Just For Fun Network Management System (JFFNMS) CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun ...) - TODO: check + NOT-FOR-US: Just For Fun Network Management System (JFFNMS) CVE-2007-3189 (Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun ...) - TODO: check + NOT-FOR-US: Just For Fun Network Management System (JFFNMS) CVE-2007-3188 (SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX ...) - TODO: check + NOT-FOR-US: Fullaspsite GeometriX Download Portal CVE-2007-3187 (Multiple unspecified vulnerabilities in Apple Safari for Windows allow ...) - TODO: check + NOT-FOR-US: Apple CVE-2007-3186 (Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Apple CVE-2007-3185 (Apple Safari Beta 3.0.1 for Windows public beta allows remote ...) - TODO: check + NOT-FOR-US: Apple CVE-2007-3184 (Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-3183 RESERVED CVE-2007-3182 @@ -139,39 +139,39 @@ CVE-2007-3181 (Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows ...) TODO: check CVE-2007-3180 (Buffer overflow in Help and Support Center before 4.4 C on HP Windows ...) - TODO: check + NOT-FOR-US: HP CVE-2007-3179 (Multiple SQL injection vulnerabilities in archives.php in Particle ...) - TODO: check + NOT-FOR-US: Particle Blogger CVE-2007-3178 (Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi ...) - TODO: check + NOT-FOR-US: Sistemi CVE-2007-3177 (Ingate Firewall and SIParator before 4.5.2 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Ingate Firewall / SIParator CVE-2007-3176 (Unspecified vulnerability in Ingate Firewall and SIParator before ...) - TODO: check + NOT-FOR-US: Ingate Firewall / SIParator CVE-2007-3175 (Multiple SQL injection vulnerabilities in W2B Online Banking allow ...) - TODO: check + NOT-FOR-US: W2B Online Banking CVE-2007-3174 (Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online ...) - TODO: check + NOT-FOR-US: W2B Online Banking CVE-2007-3173 (Almnzm allows remote attackers to obtain sensitive information via an ...) - TODO: check + NOT-FOR-US: Almnzm CVE-2007-3172 (Directory traversal vulnerability in demo/pop3/error.php in Uebimiau ...) - TODO: check + NOT-FOR-US: UebiMiau CVE-2007-3171 (Uebimiau Webmail allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: UebiMiau CVE-2007-3170 (Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau ...) - TODO: check + NOT-FOR-US: Uebimiau CVE-2007-3169 (Buffer overflow in a certain ActiveX control in the EDraw Office ...) - TODO: check + NOT-FOR-US: EDraw Office Viewer Component CVE-2007-3168 (A certain ActiveX control in the EDraw Office Viewer Component ...) - TODO: check + NOT-FOR-US: EDraw Office Viewer Component CVE-2007-3167 (Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control ...) - TODO: check + NOT-FOR-US: Vivotek CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, ...) - TODO: check + NOT-FOR-US: Qualcomm Eudora CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry guard is ...) - tor 0.1.2.14-1 (medium) CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...) TODO: check CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX ...)