thr3ads.net - Secure testing commits - [Secure-testing-commits] r5871

If this information is useful, please help other people find it:
Share via:
fw at alioth.debian.org
2007-May-17 19:10 UTC
[Secure-testing-commits] r5871 - data/CVE

Author: fw
Date: 2007-05-17 19:10:43 +0000 (Thu, 17 May 2007)
New Revision: 5871

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-05-17 18:50:38 UTC (rev 5870)
+++ data/CVE/list	2007-05-17 19:10:43 UTC (rev 5871)
@@ -165,99 +165,99 @@
 CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for
calendars ...)
 	TODO: check
 CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote
...)
-	TODO: check
+	NOT-FOR-US: phpTodo
 CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows
remote ...)
 	- interchange 5.4.2-1 (low)
 CVE-2007-2634 (PHP remote file inclusion vulnerability in common/errormsg.php
in ...)
-	TODO: check
+	NOT-FOR-US: aForum
 CVE-2007-2633 (Directory traversal vulnerability in H-Sphere SiteStudio 1.6
allows ...)
-	TODO: check
+	NOT-FOR-US: H-Sphere
 CVE-2007-2632 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi
User ...)
-	TODO: check
+	NOT-FOR-US: phpMUR
 CVE-2007-2631 (Cross-site request forgery (CSRF) vulnerability in SquirrelMail
...)
 	TODO: check
 CVE-2007-2630 (Incomplete blacklist vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ActiveCampaign products
 CVE-2007-2629 (Bradford CampusManager Network Control Application Server 3.1(6)
...)
-	TODO: check
+	NOT-FOR-US: Bradford
 CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php in
...)
-	TODO: check
+	NOT-FOR-US: PHPSecurityAdmin
 CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in
WordPress, ...)
 	TODO: check
 CVE-2007-2626 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: SchoolBoard
 CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: All In One Control Panel (AIOCP)
 CVE-2007-2624 (Dynamic variable evaluation vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: All In One Control Panel (AIOCP)
 CVE-2007-2623 (Multiple buffer overflows in RControl.dll in Remote Display Dev
kit ...)
-	TODO: check
+	NOT-FOR-US: Remote Display Dev kit
 CVE-2007-2622 (Multiple SQL injection vulnerabilities in TaskDriver 1.2 and
earlier ...)
-	TODO: check
+	NOT-FOR-US: TaskDriver
 CVE-2007-2621 (SQL injection vulnerability in event_view.php in Thyme Calendar
1.3 ...)
-	TODO: check
+	NOT-FOR-US: Thyme Calendar
 CVE-2007-2620 (PHP remote file inclusion vulnerability in inc/config.inc.php in
Jakub ...)
-	TODO: check
+	NOT-FOR-US: Jakub Steiner (aka jimmac) original 
 CVE-2007-2619 (Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login
...)
-	TODO: check
+	NOT-FOR-US: Symantec pcAnywhere
 CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Drake CMS
 CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy
Core ...)
 	TODO: check
 CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE
...)
-	TODO: check
+	NOT-FOR-US: Novell NetMail
 CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu
...)
-	TODO: check
+	NOT-FOR-US: PHPLojaFacil
 CVE-2007-2614 (PHP remote file inclusion vulnerability in examples/widget8.php
in ...)
-	TODO: check
+	NOT-FOR-US: phpHtmlLib
 CVE-2007-2613 (WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a
shared ...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2007-2612 (SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki
...)
-	TODO: check
+	NOT-FOR-US: WikkaWiki
 CVE-2007-2611 (Multiple PHP remote file inclusion vulnerabilities in CGX
20050314 ...)
-	TODO: check
+	NOT-FOR-US: CGX
 CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9,
and ...)
-	TODO: check
+	NOT-FOR-US: OpenLD
 CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu
1.3b2 ...)
 	TODO: check
 CVE-2007-2608 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Miplex2
 CVE-2007-2607 (PHP remote file inclusion vulnerability in
views/print/printbar.php in ...)
-	TODO: check
+	NOT-FOR-US: LaVague
 CVE-2007-2606 (Multiple buffer overflows in Firebird 2.1 allow attackers to
trigger ...)
 	TODO: check
 CVE-2007-2605 (Unspecified vulnerability in the GetPropertyById function in
...)
-	TODO: check
+	NOT-FOR-US: Brujula Toolbar
 CVE-2007-2604 (Unspecified vulnerability in the FlexLabel ActiveX control
allows ...)
-	TODO: check
+	NOT-FOR-US: FlexLabel
 CVE-2007-2603 (Unspecified vulnerability in the Init function in the Audio CD
Ripper ...)
-	TODO: check
+	NOT-FOR-US: Audio CD Ripper
 CVE-2007-2602 (Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11
allows ...)
-	TODO: check
+	NOT-FOR-US: Ipswitch WhatsUp
 CVE-2007-2601 (Buffer overflow in a certain ActiveX control in the GDivX Zenith
...)
-	TODO: check
+	NOT-FOR-US: GDivX Zenith Player
 CVE-2007-2600 (Multiple cross-site scripting (XSS) vulnerabilities in
TutorialCMS ...)
-	TODO: check
+	NOT-FOR-US: TutorialCMS
 CVE-2007-2599 (Multiple SQL injection vulnerabilities in TutorialCMS (aka
Photoshop ...)
-	TODO: check
+	NOT-FOR-US: TutorialCMS
 CVE-2007-2598 (SQL injection vulnerability in print.php in SimpleNews 1.0.0
FINAL ...)
-	TODO: check
+	NOT-FOR-US: PHP SimpleNEWS
 CVE-2007-2597 (Multiple PHP remote file inclusion vulnerabilities in telltarget
CMS ...)
-	TODO: check
+	NOT-FOR-US: telltarget CMS
 CVE-2007-2596 (PHP remote file inclusion vulnerability in common/func.php in
aForum ...)
-	TODO: check
+	NOT-FOR-US: aForum
 CVE-2007-2595 (RSAuction 2.73.1.3 allows remote authenticated users to move
their own ...)
-	TODO: check
+	NOT-FOR-US: RSAuction
 CVE-2007-2594 (PHP remote file inclusion vulnerability in inc/articles.inc.php
in ...)
-	TODO: check
+	NOT-FOR-US: phpMyPortal
 CVE-2007-2593 (The Terminal Server in Microsoft Windows 2003 Server, when using
TLS, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2007-2592 (Multiple cross-site scripting (XSS) vulnerabilities in Nokia
...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2591 (usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2,
...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2,
...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php
in ...)
 	TODO: check
 CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and
...)
@@ -400,9 +400,9 @@
 CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS
(Open ...)
 	- otrs2 <unfixed> (bug #423524)
 CVE-2007-2523 (CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before
...)
-	TODO: check
+	NOT-FOR-US: CA Anti-Virus
 CVE-2007-2522 (Stack-based buffer overflow in the inoweb Console Server in CA
...)
-	TODO: check
+	NOT-FOR-US: CA Anti-Virus
 CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS!
2.2.6 ...)
 	NOT-FOR-US: E-GADS!
 CVE-2007-2520
@@ -1771,11 +1771,11 @@
 CVE-2007-1904 (Directory traversal vulnerability in AOL Instant Messenger (AIM)
5.9 ...)
 	NOT-FOR-US: AOL Instant Messenger
 CVE-2007-1903 (Cross-site scripting (XSS) vulnerability in search.php in
SonicBB 1.0 ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1902 (Multiple SQL injection vulnerabilities in SonicBB 1.0 allow
remote ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1901 (SonicBB 1.0 allows remote attackers to obtain sensitive
information ...)
-	TODO: check
+	NOT-FOR-US: SonicBB
 CVE-2007-1900 (CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter
in ...)
 	{DSA-1283-1}
 	- php5 5.2.0-11 (low)
@@ -4946,7 +4946,7 @@
 CVE-2007-0755
 	RESERVED
 CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3
allows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-0753
 	RESERVED
 CVE-2007-0752
@@ -4956,9 +4956,9 @@
 CVE-2007-0750
 	RESERVED
 CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function
in ...)
-	TODO: check
+	NOT-FOR-US: Apple Darwin Streaming Server
 CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when
using ...)
-	TODO: check
+	NOT-FOR-US: Apple Darwin Streaming Server
 CVE-2007-0747 (load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not
properly ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-0746 (Heap-based buffer overflow in the VideoConference framework in
Apple ...)
@@ -5078,7 +5078,7 @@
 CVE-2007-0690
 	RESERVED
 CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive
information via ...)
-	TODO: check
+	NOT-FOR-US: MyBB (aka MyBulletinBoard)
 CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation
...)
 	NOT-FOR-US: Phorum
 CVE-2006-6967 (Check Point FireWall-1 allows remote attackers to obtain
certificate ...)
@@ -14586,7 +14586,7 @@
 CVE-2006-3457 (Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and
the ...)
 	NOT-FOR-US: Symantec
 CVE-2006-3456 (The Symantec NAVOPTS.DLL ActiveX control (aka ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2006-3455 (The SAVRT.SYS device driver, as used in Symantec AntiVirus
Corporate ...)
 	NOT-FOR-US: Symantec
 CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus
Corporate ...)
Secure testing commits - May 2007 - r5871 - data/CVE

[Secure-testing-commits] r5871 - data/CVE
