micah at alioth.debian.org
2007-Jun-25 07:35 UTC
[Secure-testing-commits] r6057 - data/CVE
Author: micah Date: 2007-06-25 07:35:56 +0000 (Mon, 25 Jun 2007) New Revision: 6057 Modified: data/CVE/list Log: bunch of NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-25 04:02:13 UTC (rev 6056) +++ data/CVE/list 2007-06-25 07:35:56 UTC (rev 6057) @@ -8,85 +8,85 @@ CVE-2007-3370 (Multiple PHP remote file inclusion vulnerabilities in Sun Board ...) TODO: check CVE-2007-3369 (Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with ...) - TODO: check + NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone CVE-2007-3368 (Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 ...) - TODO: check + NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone CVE-2007-3367 (Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before ...) - TODO: check + NOT-FOR-US: cPanel CVE-2007-3366 (Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper ...) - TODO: check + NOT-FOR-US: cPanel CVE-2007-3365 (MyServer 0.8.9 and earlier does not properly handle uppercase ...) - TODO: check + NOT-FOR-US: MyServer CVE-2007-3364 (Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi ...) - TODO: check + NOT-FOR-US: MyServer CVE-2007-3363 (Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 ...) - TODO: check + NOT-FOR-US: AGEphone CVE-2007-3362 (ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC ...) - TODO: check + NOT-FOR-US: AGEphone CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows ...) - TODO: check + NOT-FOR-US: Nortel PC Client SIP Soft Phone CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute ...) TODO: check CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and ...) - TODO: check + NOT-FOR-US: SerWeb CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php in ...) - TODO: check + NOT-FOR-US: SerWeb CVE-2007-3357 (NetClassifieds Premium Edition does not use encryption for (1) stored ...) - TODO: check + NOT-FOR-US: NetClassifieds Premium Edition CVE-2007-3356 (NetClassifieds Premium Edition allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: NetClassifieds Premium Edition CVE-2007-3355 (Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds ...) - TODO: check + NOT-FOR-US: NetClassifieds Premium Edition CVE-2007-3354 (Multiple SQL injection vulnerabilities in NetClassifieds Premium ...) - TODO: check + NOT-FOR-US: NetClassifieds Premium Edition CVE-2007-3353 (** DISPUTED ** ...) TODO: check CVE-2007-3352 (Cross-site scripting (XSS) vulnerability in the preview form in ...) - TODO: check + NOT-FOR-US: Stephen Ostermiller Contact Form CVE-2007-3351 (The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim ...) TODO: check CVE-2007-3350 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote ...) - TODO: check + NOT-FOR-US: AIM CVE-2007-3349 (The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version ...) - TODO: check + NOT-FOR-US: Aastra 9112i SIP Phone CVE-2007-3348 (The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: D-Link DPH-540/DPH-541 phone CVE-2007-3347 (The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are ...) - TODO: check + NOT-FOR-US: D-Link DPH-540/DPH-541 phone CVE-2007-3346 (Directory traversal vulnerability in index.php in PHPAccounts 0.5 ...) - TODO: check + NOT-FOR-US: PHPAccounts CVE-2007-3345 (Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 ...) - TODO: check + NOT-FOR-US: PHPAccounts CVE-2007-3344 (Multiple cross-site scripting (XSS) vulnerabilities in netjukebox ...) - TODO: check + NOT-FOR-US: netjukebox CVE-2007-3343 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD before 2.0.14 ...) - TODO: check + NOT-FOR-US: RaidenHTTPD CVE-2007-3342 (Multiple cross-site scripting (XSS) vulnerabilities in Movable Type ...) TODO: check CVE-2007-3341 (Unspecified vulnerability in the FTP implementation in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-3340 (HTTP SERVER 1.6.2 allows remote attackers to cause a denial of service ...) TODO: check CVE-2007-3339 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: ColdFusion CVE-2007-3338 (Multiple buffer stack-based overflows in Ingres database server 2006 ...) - TODO: check + NOT-FOR-US: Ingres CVE-2007-3337 (wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used ...) - TODO: check + NOT-FOR-US: Ingres CVE-2007-3336 (Multiple "pointer overwrite" vulnerabilities in Ingres database server ...) - TODO: check + NOT-FOR-US: Ingres CVE-2007-3335 (Multiple SQL injection vulnerabilities in the admin panel in PHPEcho ...) - TODO: check + NOT-FOR-US: PHPEcho CMS CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...) - TODO: check + NOT-FOR-US: Ingres CVE-2007-3333 RESERVED CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...) TODO: check CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...) - TODO: check + NOT-FOR-US: STphp EasyNews PRO CVE-2007-3330 (Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 ...) - TODO: check + NOT-FOR-US: STphp EasyNews PRO CVE-2007-3329 (Multiple array index errors in the (1) get_intra_block, (2) ...) TODO: check CVE-2007-3328 (Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 ...) @@ -94,13 +94,13 @@ CVE-2007-3327 (httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain ...) TODO: check CVE-2007-3326 (Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow ...) - TODO: check + NOT-FOR-US: vBulletin CVE-2007-3325 (PHP remote file inclusion vulnerability in lib/language.php in LAN ...) TODO: check CVE-2007-3324 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart ...) - TODO: check + NOT-FOR-US: Comersus Cart CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp in ...) - TODO: check + NOT-FOR-US: Comersus Shop Cart CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow remote ...) TODO: check CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...) @@ -133,17 +133,17 @@ CVE-2007-3311 (SQL injection vulnerability in print.php in the Articles 1.02 and ...) NOT-FOR-US: Articles CVE-2007-3310 (Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows ...) - TODO: check + NOT-FOR-US: TDizin CVE-2007-3309 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows ...) - TODO: check + NOT-FOR-US: Simple Machines Forum CVE-2007-3308 (Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with ...) - TODO: check + NOT-FOR-US: Simple Machines Forum CVE-2007-3307 (SQL injection vulnerability in game_listing.php in Solar Empire ...) - TODO: check + NOT-FOR-US: Solar Empire CVE-2007-3306 (PHP remote file inclusion vulnerability in crontab/run_billing.php in ...) - TODO: check + NOT-FOR-US: MiniBill CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x before ...) - TODO: check + NOT-FOR-US: Cerulean Studios Trillian CVE-2007-3304 (Apache httpd 1.3.37, and 2.0.59 and 2.2.4 with the Prefork MPM module, ...) TODO: check CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows ...) @@ -151,15 +151,15 @@ CVE-2007-3302 RESERVED CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in ...) - TODO: check + NOT-FOR-US: FuseTalk CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...) TODO: check CVE-2007-3299 (Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when ...) TODO: check CVE-2007-3298 (SQL injection vulnerability in Spey before 0.4.1 allows remote ...) - TODO: check + NOT-FOR-US: Spey CVE-2007-3297 (Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow ...) - TODO: check + NOT-FOR-US: Musoo CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web ...) TODO: check CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board (YaBB) ...)