Author: keescook-guest Date: 2007-03-08 01:29:12 +0000 (Thu, 08 Mar 2007) New Revision: 5522 Modified: data/CVE/list Log: NFUs: 121 unfixed: blender gnupg iceweasel isdnutils linux-2.6 php4 php5 tomcat5.5 util-linux viewcvs fixed: icedove iceweasel linux-ftpd wordpress not-affected: smarty wordpress Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-07 22:07:07 UTC (rev 5521) +++ data/CVE/list 2007-03-08 01:29:12 UTC (rev 5522) @@ -1,17 +1,18 @@ CVE-2007-1287 (A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and ...) - TODO: check + - php4 <unfixed> (low) CVE-2007-1286 (Integer overflow in PHP 4.4.4 and earlier allows remote ...) - TODO: check + - php4 <unfixed> (low) CVE-2007-1285 (The Zend Engine in PHP 4.x and 5.x allows remote attackers to cause a ...) - TODO: check + - php5 <unfixed> (low) + - php4 <unfixed> (low) CVE-2007-1284 RESERVED CVE-2007-1283 RESERVED CVE-2007-1282 (Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey ...) - TODO: check + - icedove 1.5.0.10.dfsg1-1 (medium) CVE-2007-1281 (Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux ...) - TODO: check + NOT-FOR-US: Kaspersky AntiVirus Engine CVE-2007-1280 RESERVED CVE-2007-1279 
@@ -19,65 +20,65 @@ CVE-2007-1278 RESERVED CVE-2007-1277 (WordPress 2.1.1, as downloaded from some official distribution sites ...) - TODO: check + - wordpress <not-affected> (orig.tar.gz not compromised) CVE-2007-1276 (Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in ...) - TODO: check + NOT-FOR-US: Webmin CVE-2007-1275 RESERVED CVE-2007-1274 RESERVED CVE-2006-7134 (Unrestricted file upload vulnerability in main_user.php in Upload Tool ...) - TODO: check + NOT-FOR-US: Upload Tool for PHP CVE-2006-7133 (Directory traversal vulnerability in upload/bin/download.php in Upload ...) - TODO: check + NOT-FOR-US: Upload Tool for PHP CVE-2006-7132 (Directory traversal vulnerability in pmd-config.php in PHPMyDesk ...) - TODO: check + NOT-FOR-US: PHPMyDesk CVE-2006-7131 (PHP remote file inclusion vulnerability in extras/mt.php in Jinzora ...) - TODO: check + NOT-FOR-US: Jinzora CVE-2006-7130 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Jinzora CVE-2006-7129 (ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier ...) - TODO: check + NOT-FOR-US: ISS BlackICE CVE-2006-7128 (PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 ...) - TODO: check + NOT-FOR-US: JAF CMS CVE-2006-7127 (Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 ...) - TODO: check + NOT-FOR-US: JAF CMS CVE-2006-7126 (SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 ...) - TODO: check + NOT-FOR-US: Joomla component BSQ Sitestats CVE-2006-7125 (Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 ...) - TODO: check + NOT-FOR-US: Joomla component BSQ Sitestats CVE-2006-7124 (PHP remote file inclusion vulnerability in external/rssfeeds.php in ...) - TODO: check + NOT-FOR-US: Joomla component BSQ Sitestats CVE-2006-7123 (Multiple SQL injection vulnerabilities in BSQ Sitestats (component for ...) 
- TODO: check + NOT-FOR-US: Joomla component BSQ Sitestats CVE-2006-7122 (Cross-site scripting (XSS) vulnerability in the IP Address Lookup ...) - TODO: check + NOT-FOR-US: Joomla component BSQ Sitestats CVE-2006-7121 (The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote ...) - TODO: check + NOT-FOR-US: Linksys SPA-921 CVE-2006-7120 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: OSL maintain CVE-2006-7119 (PHP remote file inclusion vulnerability in kernel/system/startup.php ...) - TODO: check + NOT-FOR-US: PHPGiggle CVE-2006-7118 (SQL injection vulnerability in index.asp in DMXReady Site Engine ...) - TODO: check + NOT-FOR-US: DMXReady Site Engine Manager CVE-2006-7117 (Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier ...) - TODO: check + NOT-FOR-US: Kubix CVE-2006-7116 (SQL injection vulnerability in includes/functions.php in Kubix 0.7 and ...) - TODO: check + NOT-FOR-US: Kubix CVE-2006-7115 (SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote ...) - TODO: check + NOT-FOR-US: PHPKit CVE-2006-7114 (P-News 2.0 stores db/user.txt under the web document root with ...) - TODO: check + NOT-FOR-US: P-News CVE-2006-7113 (Unrestricted file upload vulnerability in P-News 2.0 allows remote ...) - TODO: check + NOT-FOR-US: P-News CVE-2006-7112 (Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and ...) - TODO: check + NOT-FOR-US: MD-Pro CVE-2006-7111 (Unspecified vulnerability in Futomi''s CGI Cafe KMail CGI 1.0.3 and ...) - TODO: check + NOT-FOR-US: KMail CGI CVE-2006-7110 (Directory traversal vulnerability in the delete function in IMCE ...) - TODO: check + NOT-FOR-US: Drupal module IMCE CVE-2006-7109 (Unrestricted file upload vulnerability in IMCE before 1.6, a Drupal ...) - TODO: check + NOT-FOR-US: Drupal module IMCE CVE-2007-XXXX [buffer overruns in GIT''s http-push.c, fixed in 1.5.0.3] - git-core <unfixed> (bug #413629; low) CVE-2007-1273 
@@ -101,97 +102,98 @@ CVE-2007-1264 (Enigmail 0.94.2 and earlier does not properly use the --status-fd ...) TODO: check CVE-2007-1263 (GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the ...) - TODO: check + - gnupg <unfixed> (low) CVE-2007-1262 RESERVED CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before ...) - TODO: check + NOT-FOR-US: OpenBiblio CVE-2007-1260 (Stack-based buffer overflow in the connectHandle function in ...) - TODO: check + NOT-FOR-US: WebMod CVE-2007-1259 (Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...) - TODO: check + NOT-FOR-US: Cisco Catalyst CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...) - TODO: check + - iceweasel <unfixed> (medium) CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...) - TODO: check + NOT-FOR-US: Connectix Boards CVE-2007-1254 (SQL injection vulnerability in part.userprofile.php in Connectix ...) - TODO: check + NOT-FOR-US: Connectix Boards CVE-2007-1253 (Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script ...) - TODO: check + - blender <unfixed> (medium) CVE-2007-1252 (Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch ...) - TODO: check + NOT-FOR-US: Symantec Mail Security CVE-2007-1251 (Format string vulnerability in the new_warning function in ...) - TODO: check + NOT-FOR-US: Netrek Vanilla Server CVE-2007-1250 (SQL injection vulnerability in section/default.asp in ANGEL Learning ...) - TODO: check + NOT-FOR-US: Learning Management Suite CVE-2007-1249 (MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 ...) 
- TODO: check + NOT-FOR-US: Contelligent CVE-2007-1248 (Multiple cross-site scripting (XSS) vulnerabilities in built2go News ...) - TODO: check + NOT-FOR-US: News Manager Blog CVE-2007-1247 (Multiple PHP remote file inclusion vulnerabilities in aWeb Labs ...) - TODO: check + NOT-FOR-US: aWebNews CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...) TODO: check CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: IrfanView CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in ...) - TODO: check + - wordpress 2.1.2-1 (medium) CVE-2007-1243 (Audins Audiens 3.3 allows remote attackers to bypass authentication ...) - TODO: check + NOT-FOR-US: Audins Audiens CVE-2007-1242 (SQL injection vulnerability in system/index.php in Audins Audiens 3.3 ...) - TODO: check + NOT-FOR-US: Audins Audiens CVE-2007-1241 (Cross-site scripting (XSS) vulnerability in setup.php in Audins ...) - TODO: check + NOT-FOR-US: Audins Audiens CVE-2007-1240 (Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS ...) - TODO: check + NOT-FOR-US: Docebo CMS CVE-2007-1239 (Microsoft Excel 2003 does not properly parse .XLS files, which allows ...) TODO: check CVE-2007-1238 (Microsoft Office 2003 allows user-assisted remote attackers to cause a ...) TODO: check CVE-2007-1237 (sitex allows remote attackers to obtain potentially sensitive ...) - TODO: check + NOT-FOR-US: sitex CVE-2007-1236 (sitex allows remote attackers to obtain sensitive information via a ...) - TODO: check + NOT-FOR-US: sitex CVE-2007-1235 (Unrestricted file upload vulnerability in sitex allows remote ...) - TODO: check + NOT-FOR-US: sitex CVE-2007-1234 (Multiple cross-site scripting (XSS) vulnerabilities in sitex allow ...) - TODO: check + NOT-FOR-US: sitex CVE-2007-1233 (PHP remote file inclusion vulnerability in downloadcounter.php in ...) 
- TODO: check + NOT-FOR-US: STWC-Counter CVE-2007-1232 (Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote ...) - TODO: check + NOT-FOR-US: SQLiteManager CVE-2007-1231 (Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager ...) - TODO: check + NOT-FOR-US: SQLiteManager CVE-2007-1230 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + - wordpress 2.1.2-1 (medium) CVE-2007-1229 (Cross-site scripting (XSS) vulnerability in the Nullsoft ...) - TODO: check + NOT-FOR-US: Nullsoft ShoutcastServer CVE-2007-1228 (IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2007-1227 (VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 ...) - TODO: check + NOT-FOR-US: McAfee VirusScan CVE-2007-1226 (McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak ...) - TODO: check + NOT-FOR-US: McAfee VirusScan CVE-2007-1225 (The connection log file implementation in Grok Developments NetProxy ...) - TODO: check + NOT-FOR-US: Grok Developments NetProxy CVE-2007-1224 (Grok Developments NetProxy 4.03 allows remote attackers to bypass URL ...) - TODO: check + NOT-FOR-US: Grok Developments NetProxy CVE-2007-1223 (Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows ...) - TODO: check + NOT-FOR-US: Hitachi OSAS/FT/W CVE-2007-1222 (Parallels Desktop for Mac before 20070216 implements Drag and Drop by ...) - TODO: check + NOT-FOR-US: Parallels Desktop CVE-2007-1221 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows ...) TODO: check CVE-2007-1220 (The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not ...) TODO: check CVE-2007-1219 (PHP remote file inclusion vulnerability in actions/del.php in Admin ...) - TODO: check + NOT-FOR-US: Phorum CVE-2007-1217 (Buffer overflow in the bufprint function in capiutil.c in libcapi, as ...) 
- TODO: check + - isdnutils <unfixed> (low) + - linux-2.6 <unfixed> (low) CVE-2007-1216 RESERVED CVE-2007-1215 
@@ -229,117 +231,117 @@ CVE-2007-1199 (Adobe Reader and Acrobat Trial allow remote attackers to read ...) TODO: check CVE-2007-1198 (Cross-site scripting (XSS) vulnerability in TaskFreak! before 0.5.7 ...) - TODO: check + NOT-FOR-US: TaskFreak! CVE-2007-1197 (Multiple unspecified vulnerabilities in Epiware before 4.7.5 have ...) - TODO: check + NOT-FOR-US: Epiware CVE-2007-1196 (Unspecified vulnerability in Citrix Presentation Server Client for ...) - TODO: check + NOT-FOR-US: Citrix CVE-2007-1195 (Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow ...) - TODO: check + NOT-FOR-US: XM Easy Personal FTP Server CVE-2007-1194 (Norman SandBox Analyzer does not use the proper range for Interrupt ...) - TODO: check + NOT-FOR-US: SandBox Analyzer CVE-2007-1193 (Multiple unspecified vulnerabilities in the Login page in OrangeHRM ...) - TODO: check + NOT-FOR-US: OrangeHRM CVE-2007-1192 (Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive ...) - TODO: check + NOT-FOR-US: HyperBook Guestbook CVE-2007-1191 (The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes ...) - TODO: check + NOT-FOR-US: Quicksilver plugin Social Bookmarks CVE-2007-1190 (Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX ...) - TODO: check + NOT-FOR-US: EmbeddedWB ActiveX control CVE-2007-1189 (Integer overflow in the envwrite function in the Alcatel-Lucent Bell ...) - TODO: check + NOT-FOR-US: Alcatel-Lucent Bell Labs Plan 9 CVE-2007-1188 (WebAPP before 0.9.9.5 allows remote attackers to submit Search form ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1187 (WebAPP before 0.9.9.5 allows remote authenticated users, without admin ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1186 (WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1185 (The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval ...) 
- TODO: check + NOT-FOR-US: WebAPP CVE-2007-1184 (The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1183 (WebAPP before 0.9.9.5 allows remote authenticated users to spoof ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1182 (WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1181 (WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1180 (WebAPP before 0.9.9.5 does not check referrers in certain forms, which ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1179 (WebAPP before 0.9.9.5 does not properly manage e-mail addresses in ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1178 (WebAPP before 0.9.9.5 does not check access in certain contexts ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1177 (WebAPP before 0.9.9.5 does not properly filter certain characters in ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1176 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1175 (Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1174 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1173 RESERVED CVE-2007-1172 (SQL injection vulnerability in nukesentinel.php in NukeSentinel ...) - TODO: check + NOT-FOR-US: WebAPP CVE-2007-1171 (SQL injection vulnerability in includes/nsbypass.php in NukeSentinel ...) - TODO: check + NOT-FOR-US: NukeSentinel CVE-2007-1170 (SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends ...) - TODO: check + NOT-FOR-US: SimBin Racing CVE-2007-1169 (The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, ...) 
- TODO: check + NOT-FOR-US: Trend Micro ServerProtect CVE-2007-1168 (Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before ...) - TODO: check + NOT-FOR-US: Trend Micro ServerProtect CVE-2007-1167 (inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and ...) - TODO: check + NOT-FOR-US: Clanportal CVE-2007-1166 (SQL injection vulnerability in result.php in Nabopoll 1.2 allows ...) - TODO: check + NOT-FOR-US: Nabopoll CVE-2007-1165 (Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 ...) - TODO: check + NOT-FOR-US: DBGuestbook CVE-2007-1164 (Multiple PHP remote file inclusion vulnerabilities in DBImageGallery ...) - TODO: check + NOT-FOR-US: DBImageGallery CVE-2007-1163 (SQL injection vulnerability in printview.php in webSPELL 4.01.02 and ...) - TODO: check + NOT-FOR-US: webSPELL CVE-2007-1162 (A certain ActiveX control in the Common Controls Replacement Project ...) TODO: check CVE-2007-1161 (Cross-site scripting (XSS) vulnerability in call_entry.php in Call ...) - TODO: check + NOT-FOR-US: Call Center Software CVE-2006-7108 (login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when ...) - TODO: check + - util-linux <unfixed> (low) CVE-2006-7107 (PHP remote file inclusion vulnerability in upgrade.php in Coalescent ...) - TODO: check + NOT-FOR-US: freePBX CVE-2006-7106 (PHP remote file inclusion vulnerability in config.inc.php3 in Power ...) - TODO: check + NOT-FOR-US: Power Phlogger CVE-2006-7105 (** DISPUTED ** ...) - TODO: check + - smarty <not-affected> (described vulnerability never existed) CVE-2006-7104 (PHP remote file inclusion vulnerability in htmltemplate.php in the ...) - TODO: check + NOT-FOR-US: MOStlyContent Editor CVE-2006-7103 (Multiple directory traversal vulnerabilities in EZOnlineGallery 1.3 ...) - TODO: check + NOT-FOR-US: EZOnlineGallery CVE-2006-7102 (Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal ...) 
- TODO: check + NOT-FOR-US: phpBurningPortal quiz-modul CVE-2006-7101 (SQL injection vulnerability in admin.php in PHPWind 5.0.1 and earlier ...) - TODO: check + NOT-FOR-US: PHPWind CVE-2006-7100 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: phpBB Insert User CVE-2006-7099 (Directory traversal vulnerability in index.php in SolarPay allows ...) - TODO: check + NOT-FOR-US: SolarPay CVE-2006-7098 (The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server ...) - apache 1.3.34-4.1 (low; bug #357561) CVE-2006-7097 (Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have ...) - TODO: check + NOT-FOR-US: TaskFreak! CVE-2006-7096 (Buffer overflow in the network_host_handle_join function in host.c in ...) - TODO: check + NOT-FOR-US: dimension 3 engine CVE-2006-7095 (Integer signedness error in the network_receive_packet function in ...) - TODO: check + NOT-FOR-US: dimension 3 engine CVE-2006-7094 (ftpd, as used by Gentoo and Debian Linux, sets the gid to the ...) - TODO: check + - linux-ftpd 0.17-23 (bug #384454; low) CVE-2005-4832 (SQL injection vulnerability in the Oracle Database Server 10g allows ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2005-4831 (viewcvs in ViewCVS 0.9.2 allows remote attackers to set the ...) TODO: check CVE-2005-4830 (CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote ...) - TODO: check + - viewcvs <unfixed> (low) CVE-2004-2680 (mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly ...) TODO: check CVE-2007-1218 (Off-by-one buffer overflow in the parse_elements function in the ...) 
@@ -846,7 +848,7 @@ CVE-2007-1006 (Multiple format string vulnerabilities in the ...) - ekiga 2.0.3-2.1 (bug #411944; high) CVE-2007-1005 (Heap-based buffer overflow in SW3eng.exe in the eID Engine service in ...) - TODO: check + NOT-FOR-US: eTrust Intrusion Detection CVE-2007-1004 (Mozilla Firefox mmight allow remote attackers to condut spoofing and ...) - iceweasel <unfixed> (low) CVE-2007-1003 @@ -874,7 +876,7 @@ [sarge] - mozilla-firefox <unfixed> (low) [sarge] - mozilla <unfixed> (low) CVE-2007-0994 (A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x ...) - TODO: check + - iceweasel 2.0.0.2+dfsg-2 (medium) CVE-2007-0993 RESERVED CVE-2007-0992 @@ -1519,7 +1521,7 @@ [sarge] - mozilla-thunderbird <unfixed> (low) [sarge] - mozilla <unfixed> (high) CVE-2007-0774 (Stack-based buffer overflow in the map_uri_to_worker function ...) - TODO: check + - tomcat5.5 <unfixed> (medium) CVE-2007-0773 RESERVED CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows ...) 
@@ -1668,21 +1670,21 @@ CVE-2007-0719 RESERVED CVE-2007-0718 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0717 (Integer overflow in Apple QuickTime before 7.1.5 allows remote ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0716 (Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0715 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0714 (Integer overflow in Apple QuickTime before 7.1.5 allows remote ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0713 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0712 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0711 (Integer overflow in Apple QuickTime before 7.1.5, when installed on ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-0710 (The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote ...) NOT-FOR-US: Apple iChat CVE-2007-0709 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...) @@ -10191,7 +10193,7 @@ CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...) NOT-FOR-US: Newtone ImageKit CVE-2006-3892 (The Management Console server in EMC NetWorker (formerly Legato ...) - TODO: check + NOT-FOR-US: EMC NetWorker CVE-2006-3891 RESERVED CVE-2006-3890 (Stack-based buffer overflow in the Sky Software FileView ActiveX ...) 
@@ -29273,7 +29275,7 @@ CVE-2005-1731 RESERVED CVE-2005-1730 (Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in ...) - TODO: check + NOT-FOR-US: Novell iManager CVE-2005-1729 (Novell eDirectory 8.7.3 allows remote attackers to cause a denial of ...) NOT-FOR-US: Novell CVE-2005-1728 (MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs ...)
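Review bot: the php4 and php5 lines added for CVE-2007-1287, CVE-2007-1286 and CVE-2007-1285 in the @@ -1,17 +1,18 @@ hunk are marked <unfixed> with no bug reference, while other entries touched by this commit carry one, e.g. "- linux-ftpd 0.17-23 (bug #384454; low)". Please add the bug numbers (filing the bugs if none exist) so the open entries can be followed up from the list.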
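Review bot: in the @@ -19,65 +20,65 @@ hunk, the justification on "- wordpress <not-affected> (orig.tar.gz not compromised)" for CVE-2007-1277 does not say which upstream version the Debian orig.tar.gz corresponds to or how it was checked, while the description is specific to 2.1.1 "as downloaded from some official distribution sites". Please record the packaged version and the basis for the check (for example a checksum comparison against a known-good upstream tarball) in the note, so the not-affected status can be re-verified later.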
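Review bot: several NOT-FOR-US labels in the @@ -101,97 +102,98 @@ hunk are more generic than the product named in the description. CVE-2007-1250 names "ANGEL Learning ..." but is tagged "Learning Management Suite", CVE-2007-1248 names "built2go News ..." but is tagged "News Manager Blog", and CVE-2007-1219 names "actions/del.php in Admin ..." but is tagged only "Phorum". Please use the vendor-qualified product name from the description in each case, so that a search of the list finds the entry and the tag cannot be mistaken for a different product with a similar name.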
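Review bot: in the @@ -229,117 +231,117 @@ hunk, CVE-2007-1172 is tagged "NOT-FOR-US: WebAPP" although its description reads "SQL injection vulnerability in nukesentinel.php in NukeSentinel ..."; this looks like a carry-over from the run of WebAPP entries directly above it. It should read "NOT-FOR-US: NukeSentinel", matching the tag given to CVE-2007-1171 in the next entry.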
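Review bot: in the @@ -1519,7 +1521,7 @@ hunk, the truncated description of CVE-2007-0774 only locates the overflow in "the map_uri_to_worker function ...", so the added line "- tomcat5.5 <unfixed> (medium)" does not show why tomcat5.5 is the affected source package. Please add a NOTE naming the component that contains this function, and if the same code is also shipped by a separately packaged connector, list that package as well.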
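Review bot: in the @@ -29273,7 +29275,7 @@ hunk, CVE-2005-1730 is closed as "NOT-FOR-US: Novell iManager", but the description starts with "Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in ...", and the tag gives no indication of whether the underlying parser flaws are tracked for Debian's openssl package. Please either add a NOTE pointing at the entries that cover the OpenSSL side, or state explicitly that the issue is specific to the bundled copy in the Novell product.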