Author: joeyh
Date: 2007-04-25 21:14:15 +0000 (Wed, 25 Apr 2007)
New Revision: 5732
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-04-25 19:29:45 UTC (rev 5731)
+++ data/CVE/list 2007-04-25 21:14:15 UTC (rev 5732)
@@ -1,3 +1,315 @@
+CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in ...)
+ TODO: check
+CVE-2007-2261 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-2260 (Multiple PHP remote file inclusion vulnerabilities in bibtex
mase beta ...)
+ TODO: check
+CVE-2007-2259 (SQL injection vulnerability in forum.php in EsForum 3.0 allows
remote ...)
+ TODO: check
+CVE-2007-2258 (PHP remote file inclusion vulnerability in includes/init.inc.php
in ...)
+ TODO: check
+CVE-2007-2257 (PHP remote file inclusion vulnerability in subscp.php in Fully
Modded ...)
+ TODO: check
+CVE-2007-2256 (Cross-site scripting (XSS) vulnerability in you.php in TJSChat
0.95 ...)
+ TODO: check
+CVE-2007-2255 (Multiple PHP remote file inclusion vulnerabilities in
Download-Engine ...)
+ TODO: check
+CVE-2007-2254 (PHP remote file inclusion vulnerability in
admin/setup/level2.php in ...)
+ TODO: check
+CVE-2007-2253 (Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to
...)
+ TODO: check
+CVE-2007-2252 (Directory traversal vulnerability in iconspopup.php in Exponent
CMS ...)
+ TODO: check
+CVE-2007-2251 (Unspecified vulnerability in the Roles module in Xaraya 1.1.2
and ...)
+ TODO: check
+CVE-2007-2250 (admin.php in Phorum before 5.1.22 allows remote attackers to
obtain ...)
+ TODO: check
+CVE-2007-2249 (include/controlcenter/users.php in Phorum before 5.1.22 allows
remote ...)
+ TODO: check
+CVE-2007-2248 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php
in ...)
+ TODO: check
+CVE-2007-2247 (SQL injection vulnerability in modules/news/article.php in
phpMySpace ...)
+ TODO: check
+CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when
running ...)
+ TODO: check
+CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in
phpMyAdmin ...)
+ TODO: check
+CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow
...)
+ TODO: check
+CVE-2007-2243 (OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is
...)
+ TODO: check
+CVE-2007-2242 (The IPv6 protocol allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2007-2241
+ RESERVED
+CVE-2007-2240
+ RESERVED
+CVE-2007-2239
+ RESERVED
+CVE-2007-2238
+ RESERVED
+CVE-2007-2237
+ RESERVED
+CVE-2007-2236 (footer.php in PunBB 1.2.14 and earlier allows remote attackers
to ...)
+ TODO: check
+CVE-2007-2235 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB
1.2.14 ...)
+ TODO: check
+CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly
...)
+ TODO: check
+CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote
...)
+ TODO: check
+CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote
attackers ...)
+ TODO: check
+CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c
in ...)
+ TODO: check
+CVE-2007-2230 (SQL injection vulnerability in CA Clever Path Portal allows
remote ...)
+ TODO: check
+CVE-2007-2229
+ RESERVED
+CVE-2007-2228
+ RESERVED
+CVE-2007-2227
+ RESERVED
+CVE-2007-2226
+ RESERVED
+CVE-2007-2225
+ RESERVED
+CVE-2007-2224
+ RESERVED
+CVE-2007-2223
+ RESERVED
+CVE-2007-2222
+ RESERVED
+CVE-2007-2221
+ RESERVED
+CVE-2007-2220
+ RESERVED
+CVE-2007-2219
+ RESERVED
+CVE-2007-2218
+ RESERVED
+CVE-2007-2217
+ RESERVED
+CVE-2007-2216
+ RESERVED
+CVE-2007-2215
+ RESERVED
+CVE-2007-2214 (Unrestricted file upload vulnerability in
includes/upload_file.php in ...)
+ TODO: check
+CVE-2007-2213 (Unspecified vulnerability in the Initialize function in ...)
+ TODO: check
+CVE-2007-2212 (Multiple SQL injection vulnerabilities in calendar.php in MyBB
(aka ...)
+ TODO: check
+CVE-2007-2211 (SQL injection vulnerability in calendar.php in MyBB (aka ...)
+ TODO: check
+CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE
Toolbar ...)
+ TODO: check
+CVE-2007-2209 (Buffer overflow in Corel Paint Shop Pro Photo 11.20 allows ...)
+ TODO: check
+CVE-2007-2208 (Multiple PHP remote file inclusion vulnerabilities in Extreme
PHPBB2 ...)
+ TODO: check
+CVE-2007-2207 (SQL injection vulnerability in contact/index.php in Ripe Website
...)
+ TODO: check
+CVE-2007-2206 (Cross-site scripting (XSS) vulnerability in contact/index.php in
Ripe ...)
+ TODO: check
+CVE-2007-2205 (PHP remote file inclusion vulnerability in
modules/rtmessageadd.php in ...)
+ TODO: check
+CVE-2007-2204 (Multiple PHP remote file inclusion vulnerabilities in GPL PHP
Board ...)
+ TODO: check
+CVE-2007-2203 (Cross-site scripting (XSS) vulnerability in Big Blue Guestbook
allows ...)
+ TODO: check
+CVE-2007-2202 (PHP remote file inclusion vulnerability in
inc_ACVS/SOAP/Transport.php ...)
+ TODO: check
+CVE-2007-2201 (Multiple PHP remote file inclusion vulnerabilities in Post
Revolution ...)
+ TODO: check
+CVE-2007-2200 (Directory traversal vulnerability in navigator/navigator_ok.php
in ...)
+ TODO: check
+CVE-2007-2199 (PHP remote file inclusion vulnerability in
libraries/pcl/pcltar.php in ...)
+ TODO: check
+CVE-2007-2198 (Cross-site scripting (XSS) vulnerability in LAN Management
System ...)
+ TODO: check
+CVE-2007-2197 (Race condition in the NeatUpload ASP.NET component 1.2.11
through ...)
+ TODO: check
+CVE-2007-2196 (PHP remote file inclusion vulnerability in jambook.php in the
Jambook ...)
+ TODO: check
+CVE-2007-2195 (aMSN (aka Alvaro''s Messenger) 0.96 and earlier allows
remote attackers ...)
+ TODO: check
+CVE-2007-2194 (Stack-based buffer overflow in XnView 1.90.3 allows
user-assisted ...)
+ TODO: check
+CVE-2007-2193 (Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0
Build ...)
+ TODO: check
+CVE-2007-2192 (Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted
...)
+ TODO: check
+CVE-2007-2191 (Multiple cross-site scripting (XSS) vulnerabilities in freePBX
2.2.x ...)
+ TODO: check
+CVE-2007-2190 (PHP remote file inclusion vulnerability in
admin/public/webpages.php ...)
+ TODO: check
+CVE-2007-2189 (PHP remote file inclusion vulnerability in
admin/admin_album_otf.php ...)
+ TODO: check
+CVE-2007-2188 (eXtremail 2.1.1 and earlier does not verify the ID field (aka
...)
+ TODO: check
+CVE-2007-2187 (Stack-based buffer overflow in eXtremail 2.1.1 and earlier
allows ...)
+ TODO: check
+CVE-2007-2186 (Foxit Reader 2.0 allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2007-2185 (Multiple PHP remote file inclusion vulnerabilities in Supasite
1.23b ...)
+ TODO: check
+CVE-2007-2184 (Directory traversal vulnerability in imgsrv.php in jchit counter
1.0.0 ...)
+ TODO: check
+CVE-2007-2183 (SQL injection vulnerability in index.php in PHP-Ring Webring
System ...)
+ TODO: check
+CVE-2007-2182 (Unrestricted file upload vulnerability in forum_write.php in
Maran PHP ...)
+ TODO: check
+CVE-2007-2181 (PHP remote file inclusion vulnerability in admin/login.php in
Webinsta ...)
+ TODO: check
+CVE-2007-2180 (Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted
remote ...)
+ TODO: check
+CVE-2007-2179 (Multiple unspecified vulnerabilities in IXceedCompression in
...)
+ TODO: check
+CVE-2007-2178 (Multiple unspecified vulnerabilities in Objective Development
Sharity ...)
+ TODO: check
+CVE-2007-2177 (Stack-based buffer overflow in the Microgaming Download Helper
ActiveX ...)
+ TODO: check
+CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote
attackers ...)
+ TODO: check
+CVE-2007-2175 (Unspecified vulnerability in Apple Safari allows remote
attackers to ...)
+ TODO: check
+CVE-2007-2174 (The IOCTL handling in srescan.sys in the ZoneAlarm Spyware
Removal ...)
+ TODO: check
+CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and
(2) ...)
+ TODO: check
+CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 causes RTA_MAX to
be used ...)
+ TODO: check
+CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in
...)
+ TODO: check
+CVE-2007-2170 (The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does
not ...)
+ TODO: check
+CVE-2007-2169 (Static code injection vulnerability in add.php in Mozzers
SubSystem ...)
+ TODO: check
+CVE-2007-2168 (Static code injection vulnerability in process.php in AimStats
3.2 and ...)
+ TODO: check
+CVE-2007-2167 (Static code injection vulnerability in process.php in AimStats
3.2 ...)
+ TODO: check
+CVE-2007-2166 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-2165 (The Auth API in ProFTPD before 20070417, when multiple
simultaneous ...)
+ TODO: check
+CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a
denial ...)
+ TODO: check
+CVE-2007-2163 (Apple Safari allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2007-2162 ((1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow
remote ...)
+ TODO: check
+CVE-2007-2161 (Microsoft Internet Explorer 7 allows remote attackers to cause a
...)
+ TODO: check
+CVE-2007-2160 (Multiple cross-site request forgery (CSRF) vulnerabilities in
the ...)
+ TODO: check
+CVE-2007-2159 (Multiple cross-site scripting (XSS) vulnerabilities in the
Database ...)
+ TODO: check
+CVE-2007-2158 (PHP remote file inclusion vulnerability in index.php in jGallery
1.3 ...)
+ TODO: check
+CVE-2007-2157 (Directory traversal vulnerability in upload/force_download.php
in ...)
+ TODO: check
+CVE-2007-2156 (Multiple PHP remote file inclusion vulnerabilities in Rezervi
Generic ...)
+ TODO: check
+CVE-2007-2155 (Directory traversal vulnerability in template.php in in phpFaber
...)
+ TODO: check
+CVE-2007-2154 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-2153 (Cross-site scripting (XSS) vulnerability in atmail.php in @Mail
5.0 ...)
+ TODO: check
+CVE-2007-2152 (Buffer overflow in the On-Access Scanner in McAfee VirusScan
...)
+ TODO: check
+CVE-2007-2151 (The administration server in McAfee e-Business Server before
8.1.1 and ...)
+ TODO: check
+CVE-2007-2150 (BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware
4.2.944b ...)
+ TODO: check
+CVE-2007-2149 (Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores
...)
+ TODO: check
+CVE-2007-2148 (Direct static code injection vulnerability in admin/save.php in
...)
+ TODO: check
+CVE-2007-2147 (admin/options.php in Stephen Craton (aka WiredPHP) Chatness
2.5.3 and ...)
+ TODO: check
+CVE-2007-2146 (The imagecomments function in classes.php in MiniGal b13 allow
remote ...)
+ TODO: check
+CVE-2007-2145 (The imagecomments function in classes.php in MiniGal b13 allows
remote ...)
+ TODO: check
+CVE-2007-2144 (PHP remote file inclusion vulnerability in
includes/CAltInstaller.php ...)
+ TODO: check
+CVE-2007-2143 (PHP remote file inclusion vulnerability in index.php in the
Be2004-2 ...)
+ TODO: check
+CVE-2007-2142 (Multiple PHP remote file inclusion vulnerabilities in
AjPortal2Php ...)
+ TODO: check
+CVE-2007-2141 (Direct static code injection vulnerability in shoutbox.php in
ShoutPro ...)
+ TODO: check
+CVE-2007-2140 (PHP remote file inclusion vulnerability in everything.php in
Franklin ...)
+ TODO: check
+CVE-2007-2139
+ RESERVED
+CVE-2007-2137 (Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring
Express ...)
+ TODO: check
+CVE-2007-2136 (Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol
...)
+ TODO: check
+CVE-2007-2135 (The ADI_BINARY component in the Oracle E-Business Suite allows
remote ...)
+ TODO: check
+CVE-2007-2134 (Unspecified vulnerability in the HTML Server in Oracle JD
Edwards ...)
+ TODO: check
+CVE-2007-2133 (Unspecified vulnerability in the PeopleSoft Enterprise Human
Capital ...)
+ TODO: check
+CVE-2007-2132 (Unspecified vulnerability in the PeopleTools component in Oracle
...)
+ TODO: check
+CVE-2007-2131 (Unspecified vulnerability in PeopleTools in Oracle PeopleSoft
...)
+ TODO: check
+CVE-2007-2130 (Unspecified vulnerability in Workflow Cartridge, as used in
Oracle ...)
+ TODO: check
+CVE-2007-2129 (Unspecified vulnerability in the Agent component in Oracle
Enterprise ...)
+ TODO: check
+CVE-2007-2128 (Unspecified vulnerability in the Sales Online component for
Oracle ...)
+ TODO: check
+CVE-2007-2127 (Multiple unspecified vulnerabilities in Oracle E-Business Suite
12.0.0 ...)
+ TODO: check
+CVE-2007-2126 (Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2
has ...)
+ TODO: check
+CVE-2007-2125 (Unspecified vulnerability in Collaborative Workspace in Oracle
...)
+ TODO: check
+CVE-2007-2124 (Unspecified vulnerability in the Portal component in Oracle ...)
+ TODO: check
+CVE-2007-2123 (Unspecified vulnerability in the Portal component in Oracle ...)
+ TODO: check
+CVE-2007-2122 (Unspecified vulnerability in the Wireless component in Oracle
...)
+ TODO: check
+CVE-2007-2121 (Unspecified vulnerability in the COREid Access component in
Oracle ...)
+ TODO: check
+CVE-2007-2120 (The Oracle Discoverer servlet in Oracle Application Server
9.0.4.3, ...)
+ TODO: check
+CVE-2007-2119 (Cross-site scripting (XSS) vulnerability in boundary_rules.jsp
in the ...)
+ TODO: check
+CVE-2007-2118 (Unspecified vulnerability in the Upgrade/Downgrade component of
Oracle ...)
+ TODO: check
+CVE-2007-2117 (Unspecified vulnerability in the Oracle Text component in Oracle
...)
+ TODO: check
+CVE-2007-2116 (Unspecified vulnerability in the Advanced Replication component
in ...)
+ TODO: check
+CVE-2007-2115 (Unspecified vulnerability in the Change Data Capture (CDC)
component ...)
+ TODO: check
+CVE-2007-2114 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5
and ...)
+ TODO: check
+CVE-2007-2113 (SQL injection vulnerability in the Upgrade/Downgrade component
...)
+ TODO: check
+CVE-2007-2112 (Unspecified vulnerability in the Authentication component for
Oracle ...)
+ TODO: check
+CVE-2007-2111 (SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in
...)
+ TODO: check
+CVE-2007-2110 (Unspecified vulnerability in the Core RDBMS component for Oracle
...)
+ TODO: check
+CVE-2007-2109 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3
have ...)
+ TODO: check
+CVE-2007-2108 (Unspecified vulnerability in the Core RDBMS component Oracle
Database ...)
+ TODO: check
+CVE-2006-7196
+ RESERVED
+CVE-2006-7195
+ RESERVED
CVE-2007-XXXX [buffer overflow in mixmaster importing type 2 messages]
- mixmaster 3.0b2-5 (low; bug #418662)
CVE-2007-XXXX [unspecified vulnerability in Clamav''s PDF parser]
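Review bot: every described entry added at the top of this hunk is left at "TODO: check", and several of them name software that needs real triage rather than a bulk close: CVE-2007-2243 (OpenSSH 4.6 and earlier), CVE-2007-2172 (Linux kernel 2.6 before 2.6.21-rc6), CVE-2007-2165 (ProFTPD Auth API), CVE-2007-2245 (phpMyAdmin), CVE-2007-2173 (courier-imapd.indirect), CVE-2007-2164 (Konqueror 3.5.5) and CVE-2007-2162 (Firefox and IceWeasel 2.0.0.3). Those should get a package line or an explicit not-affected note before the long run of PHP web application entries is worked through. CVE-2007-2262, CVE-2007-2261, CVE-2007-2213, CVE-2007-2166 and CVE-2007-2154 are cut off before the product name, so they cannot be classified from this list and need the full description looked up.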
@@ -7,7 +319,7 @@
CVE-2007-XXXX [heap-based buffer overflow in git-blame with long file names]
- git-core 1.5.1.2-1 (low)
NOTE:
http://git.kernel.org/?p=git/git.git;a=commit;h=1bb88be99e4fdedcd5cc5292c11b566a00028deb
-CVE-2007-2138 [PostgreSQL: use temporary objects to execute code]
+CVE-2007-2138 (Untrusted search path vulnerability in PostgreSQL before 7.3.19,
7.4.x ...)
- postgresql-8.2 8.2.4-1
- postgresql-8.1 8.1.9-1
- postgresql-7.4 1:7.4.17-1
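Review bot: the three postgresql lines under CVE-2007-2138 still carry no urgency, unlike "- git-core 1.5.1.2-1 (low)" in the entry just above. Now that the hand-written summary "[PostgreSQL: use temporary objects to execute code]" is replaced by the truncated official text, the entry no longer says in one line what the impact is, so an urgency on each package line (or a NOTE preserving the old summary) would keep it readable.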
@@ -175,6 +487,7 @@
[etch] - lha <no-dsa> (Non-free not supported)
CVE-2007-2029
RESERVED
+ {DSA-1281-1}
CVE-2007-2028 (Memory leak in freeRADIUS 1.1.5 and earlier allows remote
attackers to ...)
- freeradius <unfixed> (low)
CVE-2007-2027 (Untrusted search path vulnerability in the
add_filename_to_string ...)
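Review bot: "{DSA-1281-1}" is attached to CVE-2007-2029 while that entry is still RESERVED and has no package line, so nothing in the list says which package or fixed version the advisory covers. The other two entries tagged {DSA-1281-1} in this patch (CVE-2007-1997 and CVE-2007-1745) both carry "- clamav 0.90.2-1 (high)"; if the same fix applies here, add the matching package line, otherwise add a NOTE explaining the cross-reference.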
@@ -246,6 +559,7 @@
CVE-2007-1998 (Direct static code injection vulnerability in HIOX Guest Book
(HGB) ...)
NOT-FOR-US: HIOX Guest Book
CVE-2007-1997 (Integer signedness error in the (1) cab_unstore and (2)
cab_extract ...)
+ {DSA-1281-1}
- clamav 0.90.2-1 (high)
CVE-2007-1996 (PHP remote file inclusion vulnerability in codebreak.php in
CodeBreak, ...)
NOT-FOR-US: CodeBreak
@@ -295,8 +609,8 @@
NOT-FOR-US: Xoops modules
CVE-2007-1973 (Race condition in the Virtual DOS Machine (VDM) in the Windows
Kernel ...)
NOT-FOR-US: Microsoft Windows
-CVE-2007-1972
- RESERVED
+CVE-2007-1972 (** DISPUTED ** ...)
+ TODO: check
CVE-2006-7194 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: Agora
CVE-2006-7193 (** DISPUTED ** ...)
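Review bot: the new text for CVE-2007-1972 is truncated to "(** DISPUTED ** ...)", which leaves no product name to triage against. A disputed entry still needs a disposition, so whoever clears the "TODO: check" has to pull the full description first; recording the affected product in a NOTE would save the next reader the same lookup.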
@@ -813,6 +1127,7 @@
CVE-2007-1746
RESERVED
CVE-2007-1745 (The chm_decompress_stream function in libclamav/chmunpack.c in
Clam ...)
+ {DSA-1281-1}
- clamav 0.90.2-1 (high)
CVE-2007-1744
RESERVED
@@ -934,10 +1249,10 @@
RESERVED
CVE-2007-1692 (The default configuration of Microsoft Windows uses the Web
Proxy ...)
NOT-FOR-US: Microsoft
-CVE-2007-1691
- RESERVED
-CVE-2007-1690
- RESERVED
+CVE-2007-1691 (Stack-based buffer overflow in Second Sight Software ActiveMod
ActiveX ...)
+ TODO: check
+CVE-2007-1690 (Multiple stack-based buffer overflows in Second Sight Software
...)
+ TODO: check
CVE-2007-1689
RESERVED
CVE-2007-1688
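Review bot: CVE-2007-1691 and CVE-2007-1690 both describe the Second Sight Software ActiveMod ActiveX control, yet go in as "TODO: check". The list already closes this class of entry directly, for example "NOT-FOR-US: AudioConf ActiveX control" under CVE-2007-1680, so these two can be resolved the same way instead of adding to the TODO backlog. The same applies to the CDDBControl ActiveX entry CVE-2007-0443 later in the patch.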
@@ -954,8 +1269,8 @@
RESERVED
CVE-2007-1682
RESERVED
-CVE-2007-1681
- RESERVED
+CVE-2007-1681 (Format string vulnerability in libwebconsole_services.so in Sun
Java ...)
+ TODO: check
CVE-2007-1680 (Stack-based buffer overflow in the createAndJoinConference
function in ...)
NOT-FOR-US: AudioConf ActiveX control
CVE-2007-1679 (** DISPUTED ** ...)
@@ -1724,8 +2039,8 @@
RESERVED
CVE-2007-1354
RESERVED
-CVE-2007-1353
- RESERVED
+CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support
in the ...)
+ TODO: check
CVE-2007-1352 (Integer overflow in the FontFileInitTable function in X.Org
libXfont ...)
- libxfont 1:1.2.2-2 (medium)
CVE-2007-1351 (Integer overflow in the bdfReadCharacters function in bdfread.c
in (1) ...)
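Review bot: CVE-2007-1353 should not sit in the generic "TODO: check" queue. The description, "The setsockopt function in the L2CAP and HCI Bluetooth support in the ...", reads like operating-system Bluetooth code, but the product name is cut off, so confirm it against the full description and, if it is a packaged kernel, add the package line ahead of the web application entries.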
@@ -2794,8 +3109,8 @@
NOT-FOR-US: VS-Gastebuch
CVE-2007-1010 (Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds
1.0, ...)
NOT-FOR-US: ZebraFeeds
-CVE-2007-1009
- RESERVED
+CVE-2007-1009 (Macrovision InstallAnywhere Enterprise before 8.0.1 uses the
...)
+ TODO: check
CVE-2007-1008 (Apple iTunes 7.0.2 allows user-assisted remote attackers to
cause a ...)
NOT-FOR-US: Apple iTunes
CVE-2007-1007 (Format string vulnerability in GnomeMeeting 1.0.2 and earlier
allows ...)
@@ -3588,52 +3903,52 @@
RESERVED
CVE-2007-0748
RESERVED
-CVE-2007-0747
- RESERVED
-CVE-2007-0746
- RESERVED
+CVE-2007-0747 (load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not
properly ...)
+ TODO: check
+CVE-2007-0746 (Heap-based buffer overflow in the VideoConference framework in
Apple ...)
+ TODO: check
CVE-2007-0745
RESERVED
-CVE-2007-0744
- RESERVED
-CVE-2007-0743
- RESERVED
-CVE-2007-0742
- RESERVED
-CVE-2007-0741
- RESERVED
+CVE-2007-0744 (SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly
clean ...)
+ TODO: check
+CVE-2007-0743 (URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the
username ...)
+ TODO: check
+CVE-2007-0742 (The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier
...)
+ TODO: check
+CVE-2007-0741 (Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9
...)
+ TODO: check
CVE-2007-0740
RESERVED
-CVE-2007-0739
- RESERVED
-CVE-2007-0738
- RESERVED
-CVE-2007-0737
- RESERVED
-CVE-2007-0736
- RESERVED
-CVE-2007-0735
- RESERVED
-CVE-2007-0734 (The AirPort Disk feature of the AirPort Extreme Base Station
with ...)
+CVE-2007-0739 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays
the ...)
+ TODO: check
+CVE-2007-0738 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not
...)
+ TODO: check
+CVE-2007-0737 (The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does
not ...)
+ TODO: check
+CVE-2007-0736 (Integer overflow in the RPC library in Libinfo in Apple Mac OS X
...)
+ TODO: check
+CVE-2007-0735 (Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9
...)
+ TODO: check
+CVE-2007-0734 (fsck, as used by the AirPort Disk feature of the AirPort Extreme
Base ...)
NOT-FOR-US: AirPort Extreme Base Station
CVE-2007-0733 (Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9
and 10.4 ...)
NOT-FOR-US: Apple Mac ImageIO
-CVE-2007-0732
- RESERVED
+CVE-2007-0732 (Unspecified vulnerability in the CoreServices daemon in
CarbonCore in ...)
+ TODO: check
CVE-2007-0731 (Stack-based buffer overflow in the Apple-specific Samba module
(SMB ...)
NOT-FOR-US: Apple Mac
CVE-2007-0730 (Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4
through ...)
NOT-FOR-US: Apple Mac Server Manager
-CVE-2007-0729
- RESERVED
+CVE-2007-0729 (Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9
through ...)
+ TODO: check
CVE-2007-0728 (Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4
through ...)
NOT-FOR-US: Apple Mac
CVE-2007-0727
RESERVED
CVE-2007-0726 (The SSH key generation process in OpenSSH in Apple Mac OS X
10.3.9 and ...)
NOT-FOR-US: Apple OpenSSH
-CVE-2007-0725
- RESERVED
+CVE-2007-0725 (Buffer overflow in the AirPortDriver module for AirPort in Apple
Mac ...)
+ TODO: check
CVE-2007-0724 (The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4
through ...)
NOT-FOR-US: Apple Mac
CVE-2007-0723 (Unspecified vulnerability in the authentication feature for ...)
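Review bot: the newly described Apple Mac OS X entries in this hunk (CVE-2007-0747 through CVE-2007-0725) all land as "TODO: check" while their neighbours are already closed as "NOT-FOR-US: Apple Mac", and CVE-2007-0734 keeps its NOT-FOR-US line under the rewritten description. Most of these can be closed the same way, but CVE-2007-0736 ("Integer overflow in the RPC library in Libinfo") and CVE-2007-0741 ("Buffer overflow in natd in network_cmds") name components that have counterparts outside Mac OS X, so check for shared code before marking those two NOT-FOR-US.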
@@ -4043,7 +4358,7 @@
- wordpress 2.1.0-1 (low)
CVE-2007-0540 (WordPress allows remote attackers to cause a denial of service
...)
- wordpress 2.1.0-1 (low)
-CVE-2007-0539 (WordPress before 2.1 allows remote attackers to cause a denial
of ...)
+CVE-2007-0539 (The wp_remote_fopen function in WordPress before 2.1 allows
remote ...)
{DTSA-33-1}
- wordpress 2.1.0-1 (low)
CVE-2007-0538 (Telligent Community Server 2.1 and earlier allows remote
attackers to ...)
@@ -4295,8 +4610,8 @@
NOT-FOR-US: Kaspersky Anti-Virus
CVE-2007-0444 (Stack-based buffer overflow in the print provider library
(cpprov.dll) ...)
NOT-FOR-US: Citrix
-CVE-2007-0443
- RESERVED
+CVE-2007-0443 (Multiple buffer overflows in the CDDBControl ActiveX control in
...)
+ TODO: check
CVE-2007-0442 (Unspecified vulnerability in IBM OS/400 R530 and R535 has
unknown ...)
NOT-FOR-US: IBM OS/400
CVE-2007-0441 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)