Author: stef-guest Date: 2007-02-11 22:06:19 +0100 (Sun, 11 Feb 2007) New Revision: 5439 Modified: data/CVE/list Log: CVE-2007-0855: new rar/unrar issue (high, because they are called by amavisd-new in default configuration) Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-11 20:14:09 UTC (rev 5438) +++ data/CVE/list 2007-02-11 21:06:19 UTC (rev 5439) @@ -4,7 +4,7 @@ NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer CVE-2007-XXXX [php: multiple issues fixed in php 5.2.1] - php4 <unfixed> - - php5 <unfixed> (bug filed) + - php5 <unfixed> (bug #410561) CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki] - ikiwiki 1.42 CVE-2007-0858 @@ -14,7 +14,12 @@ CVE-2007-0856 (TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module ...) NOT-FOR-US: Trend Micro Anti-Rootkit Common Module CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR ...) - TODO: check + - rar <unfixed> (high) + - unrar-nonfree <unfixed> (high) (bug filed) + NOTE: amavid-new automatically uses "rar -p-" or "unrar -p-", + NOTE: which probably turns this into remote code execution + NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration + TODO: unrar-free and clamav (which embeds unrar-free code) need to be checked CVE-2007-0854 (Remote file inclusion vulnerability in objcache in cPanel WebHost ...) NOT-FOR-US: cPanel WebHost Manager CVE-2007-0853 (SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers ...) @@ -1638,7 +1643,7 @@ - gforge 4.5.14-20 (low; bug #406244) [sarge] - gforge <not-affected> (Vulnerable code not present) CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...) - - b2evolution <unfixed> (bug filed; low) + - b2evolution <unfixed> (bug #410568; low) CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...) NOT-FOR-US: Sina UC2006 CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)