Author: joeyh
Date: 2007-02-28 09:14:13 +0100 (Wed, 28 Feb 2007)
New Revision: 5493

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2007-02-27 23:03:05 UTC (rev 5492)
+++ data/CVE/list 2007-02-28 08:14:13 UTC (rev 5493)
@@ -1,3 +1,403 @@ +CVE-2007-1160 (webSPELL 4.0, and possibly later versions, allows remote attackers to ...) + TODO: check +CVE-2007-1159 (Cross-site scripting (XSS) vulnerability in modules/out.php in ...) + TODO: check +CVE-2007-1158 (Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 ...) + TODO: check +CVE-2007-1157 (Cross-site request forgery (CSRF) vulnerability in ...) + TODO: check +CVE-2007-1156 (JBrowser allows remote attackers to bypass authentication and access ...) + TODO: check +CVE-2007-1155 (Unrestricted file upload vulnerability in webSPELL allows remote ...) + TODO: check +CVE-2007-1154 (SQL injection vulnerability in webSPELL allows remote attackers to ...) + TODO: check +CVE-2007-1153 (Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews ...) + TODO: check +CVE-2007-1152 (Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 ...) + TODO: check +CVE-2007-1151 (Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote ...) + TODO: check +CVE-2007-1150 (Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote ...) + TODO: check +CVE-2007-1149 (Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow ...) + TODO: check +CVE-2007-1148 (PHP remote file inclusion vulnerability in install/index.php in ...) + TODO: check +CVE-2007-1147 (PHP remote file inclusion vulnerability in view.php in hbm allows ...) + TODO: check +CVE-2007-1146 (PHP remote file inclusion vulnerability in function.php in arabhost ...) + TODO: check +CVE-2007-1145 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...) + TODO: check +CVE-2007-1144 (Directory traversal vulnerability in jwpn-photos.php in J-Web Pics ...) + TODO: check +CVE-2007-1143 (Directory traversal vulnerability in pn-menu.php in J-Web Pics ...) + TODO: check +CVE-2007-1142 (Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 ...) 
+ TODO: check +CVE-2007-1141 (PHP remote file inclusion vulnerability in preview.php in Magic News ...) + TODO: check +CVE-2007-1140 (Directory traversal vulnerability in edit.php in pheap allows remote ...) + TODO: check +CVE-2007-1139 (Unrestricted file upload vulnerability in Cromosoft Simple Plantilla ...) + TODO: check +CVE-2007-1138 (Absolute path traversal vulnerability in list_main_pages.php in ...) + TODO: check +CVE-2007-1137 (putmail.py in Putmail before 1.4 does not detect when a user attempts ...) + TODO: check +CVE-2007-1136 (index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to ...) + TODO: check +CVE-2007-1135 (Multiple SQL injection vulnerabilities in WebMplayer before ...) + TODO: check +CVE-2007-1134 (Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown ...) + TODO: check +CVE-2007-1133 (PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 ...) + TODO: check +CVE-2007-1132 (Multiple cross-site scripting (XSS) vulnerabilities in MTCMS 2.2 allow ...) + TODO: check +CVE-2007-1131 (PHP remote file inclusion vulnerability in sinapis.php in Sinapis ...) + TODO: check +CVE-2007-1130 (PHP remote file inclusion vulnerability in sinagb.php in Sinapis ...) + TODO: check +CVE-2007-1129 (Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow ...) + TODO: check +CVE-2007-1128 (shopkitplus allows remote attackers to obtain sensitive information ...) + TODO: check +CVE-2007-1127 (Directory traversal vulnerability in enc/stylecss.php in shopkitplus ...) + TODO: check +CVE-2007-1126 (Directory traversal vulnerability in index.php in xtcommerce allows ...) + TODO: check +CVE-2007-1125 (Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer ...) + TODO: check +CVE-2007-1124 (Directory traversal vulnerability in gallery.php in XeroXer Simple ...) + TODO: check +CVE-2007-1123 (Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow ...) 
+ TODO: check +CVE-2007-1122 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...) + TODO: check +CVE-2007-1121 (Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ...) + TODO: check +CVE-2007-1120 (The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions ...) + TODO: check +CVE-2007-1119 (Unspecified vulnerability in Novell ZENworks 7 Desktop Management ...) + TODO: check +CVE-2007-1118 (Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 ...) + TODO: check +CVE-2007-1117 (Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 ...) + TODO: check +CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...) + TODO: check +CVE-2007-1115 (The child frames in Opera 9 inherit the default charset from the ...) + TODO: check +CVE-2007-1114 (The child frames in Microsoft Internet Explorer 7 inherit the default ...) + TODO: check +CVE-2007-1113 + RESERVED +CVE-2007-1112 + RESERVED +CVE-2007-1111 (Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar ...) + TODO: check +CVE-2007-1110 (Directory traversal vulnerability in data/showcode.php in ...) + TODO: check +CVE-2007-1109 (Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery ...) + TODO: check +CVE-2007-1108 (PHP remote file inclusion vulnerability in index.php in Christian ...) + TODO: check +CVE-2007-1107 (SQL injection vulnerability in thumbnails.php in Coppermine Photo ...) + TODO: check +CVE-2007-1106 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2007-1105 (PHP remote file inclusion vulnerability in functions.php in Extreme ...) + TODO: check +CVE-2007-1104 (PHP remote file inclusion vulnerability in top.php in PHP Module ...) + TODO: check +CVE-2007-1103 (Tor does not verify a node''s uptime and bandwidth advertisements, ...) + TODO: check +CVE-2007-1102 (Photostand 1.2.0 allows remote attackers to obtain sensitive ...) 
+ TODO: check +CVE-2007-1101 (Multiple cross-site scripting (XSS) vulnerabilities in Photostand ...) + TODO: check +CVE-2007-1100 (Directory traversal vulnerability in download.php in Pickle allows ...) + TODO: check +CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...) + TODO: check +CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...) + TODO: check +CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...) + TODO: check +CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...) + TODO: check +CVE-2007-1095 (Mozilla Firefox does not properly implement JavaScript onUnload ...) + TODO: check +CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...) + TODO: check +CVE-2007-1093 (Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager ...) + TODO: check +CVE-2007-1092 (Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow ...) + TODO: check +CVE-2007-1091 (Microsoft Internet Explorer 7 allows remote attackers to prevent users ...) + TODO: check +CVE-2007-1090 (Microsoft Windows Explorer on Windows XP and 2003 allows remote ...) + TODO: check +CVE-2007-1089 (IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local ...) + TODO: check +CVE-2007-1088 (Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and ...) + TODO: check +CVE-2007-1087 (IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not ...) + TODO: check +CVE-2007-1086 (Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 ...) + TODO: check +CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows ...) + TODO: check +CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...) + TODO: check +CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...) 
+ TODO: check +CVE-2007-1082 (FTP Explorer 1.0.1 Build 047 allows remote servers to cause a denial ...) + TODO: check +CVE-2007-1081 (The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, ...) + TODO: check +CVE-2007-1080 (Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow ...) + TODO: check +CVE-2007-1079 (Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager ...) + TODO: check +CVE-2007-1078 (PHP remote file inclusion vulnerability in index.php in ...) + TODO: check +CVE-2007-1077 (SQL injection vulnerability in page.asp in Design4Online UserPages2 ...) + TODO: check +CVE-2007-1076 (Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and ...) + TODO: check +CVE-2007-1075 (TurboFTP 5.30 Build 572 allows remote servers to cause a denial of ...) + TODO: check +CVE-2007-1074 (Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x ...) + TODO: check +CVE-2007-1073 (Static code injection vulnerability in install.php in mcRefer allows ...) + TODO: check +CVE-2007-1072 (The command line interface (CLI) in Cisco Unified IP Phone 7906G, ...) + TODO: check +CVE-2007-1071 (Integer overflow in the gifGetBandProc function in ImageIO in Apple ...) + TODO: check +CVE-2007-1069 + RESERVED +CVE-2007-1068 (The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, ...) + TODO: check +CVE-2007-1067 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...) + TODO: check +CVE-2007-1066 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...) + TODO: check +CVE-2007-1065 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...) + TODO: check +CVE-2007-1064 (Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, ...) + TODO: check +CVE-2007-1063 (The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, ...) + TODO: check +CVE-2007-1062 (The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and ...) 
+ TODO: check +CVE-2007-1061 (SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke ...) + TODO: check +CVE-2007-1060 (Multiple PHP remote file inclusion vulnerabilities in Interspire ...) + TODO: check +CVE-2007-1059 (PHP remote file inclusion vulnerability in function.php in Ultimate ...) + TODO: check +CVE-2007-1058 (SQL injection vulnerability in user_pages/page.asp in Online Web ...) + TODO: check +CVE-2007-1057 (The Net Direct client for Linux before 6.0.5 in Nortel Application ...) + TODO: check +CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user ...) + TODO: check +CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...) + TODO: check +CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...) + TODO: check +CVE-2007-1053 (** DISPUTED ** ...) + TODO: check +CVE-2007-1052 (** DISPUTED ** ...) + TODO: check +CVE-2007-1051 (Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and ...) + TODO: check +CVE-2007-1050 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check +CVE-2007-1048 (PHP remote file inclusion vulnerability in admin_rebuild_search.php in ...) + TODO: check +CVE-2007-1047 (Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) ...) + TODO: check +CVE-2007-1046 (Dem_trac allows remote attackers to read log file contents via a ...) + TODO: check +CVE-2007-1045 (mAlbum 0.3 has default accunts (1) "login"/"pass" for its ...) + TODO: check +CVE-2007-1044 (Pearson Education PowerSchool 4.3.6 allows remote attackers to list ...) + TODO: check +CVE-2007-1043 (Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass ...) + TODO: check +CVE-2007-1042 (Directory traversal vulnerability in news.php in Xpression News ...) + TODO: check +CVE-2007-1041 (Multiple stack-based buffer overflows in S&H Computer Systems News ...) 
+ TODO: check +CVE-2007-1040 (Directory traversal vulnerability in archives.php in Xpression News ...) + TODO: check +CVE-2007-1039 (Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 ...) + TODO: check +CVE-2007-1038 (Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers ...) + TODO: check +CVE-2007-1037 (Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier ...) + TODO: check +CVE-2006-7093 (Cross-site scripting (XSS) vulnerability in Mambo LaiThai 4.5.4 ...) + TODO: check +CVE-2006-7092 (SQL injection vulnerability in includes/mambo.php in Mambo LaiThai ...) + TODO: check +CVE-2006-7091 (PHP remote file inclusion vulnerability in config.php in phpht ...) + TODO: check +CVE-2006-7090 (PHP remote file inclusion vulnerability in phpbb_security.php in phpBB ...) + TODO: check +CVE-2006-7089 (SQL injection vulnerability in connexion.php in Ban 0.1 allows remote ...) + TODO: check +CVE-2006-7088 (Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 ...) + TODO: check +CVE-2006-7087 (CRLF injection vulnerability in the mail function in Dotdeb PHP before ...) + TODO: check +CVE-2006-7086 (The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow ...) + TODO: check +CVE-2006-7085 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...) + TODO: check +CVE-2006-7084 (Directory traversal vulnerability in index.php in Rigter Portal System ...) + TODO: check +CVE-2006-7083 (Directory traversal vulnerability in index.php in Rigter Portal System ...) + TODO: check +CVE-2006-7082 (Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers ...) + TODO: check +CVE-2006-7081 (Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 ...) + TODO: check +CVE-2006-7080 (Directory traversal vulnerability in the avatar upload feature in exV2 ...) + TODO: check +CVE-2006-7079 (Variable extraction vulnerability in include/common.php in exV2 ...) 
+ TODO: check +CVE-2006-7078 (Multiple cross-site scripting (XSS) vulnerabilities in Professional ...) + TODO: check +CVE-2006-7077 (SQL injection vulnerability in guestbook.php in Advanced Guestbook 2.4 ...) + TODO: check +CVE-2006-7076 (Cross-site scripting (XSS) vulnerability in guestbook.php in Advanced ...) + TODO: check +CVE-2006-7075 (Buffer overflow in the meta_read_flac function in meta_decoder.c for ...) + TODO: check +CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass ...) + TODO: check +CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod ...) + TODO: check +CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...) + TODO: check +CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision ...) + TODO: check +CVE-2006-7070 (Unrestricted file upload vulnerability in ...) + TODO: check +CVE-2006-7069 (PHP remote file inclusion vulnerability in smarty_config.php in ...) + TODO: check +CVE-2006-7068 (PHP remote file inclusion vulnerability in CliServ Web Community 0.65 ...) + TODO: check +CVE-2006-7067 (Oracle 10g R2 and possibly other versions allows remote attackers to ...) + TODO: check +CVE-2006-7066 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...) + TODO: check +CVE-2006-7065 (Microsoft Internet Explorer allows remote attackers to cause a denial ...) + TODO: check +CVE-2006-7064 (Cross-site scripting (XSS) vulnerability in forum/admin.php for ...) + TODO: check +CVE-2006-7063 (Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 ...) + TODO: check +CVE-2006-7062 (calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows ...) + TODO: check +CVE-2006-7061 (Scriptsez.net E-Dating System stores data files with predictable names ...) + TODO: check +CVE-2006-7060 (cindex.php in Scriptsez.net E-Dating System allows remote attackers to ...) 
+ TODO: check +CVE-2006-7059 (Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net ...) + TODO: check +CVE-2006-7058 (Multiple cross-site scripting (XSS) vulnerabilities in Sphider before ...) + TODO: check +CVE-2006-7057 (SQL injection vulnerability in search.php in Sphider before 1.3.1c ...) + TODO: check +CVE-2006-7056 (Multiple PHP remote file inclusion vulnerabilities in DreamCost ...) + TODO: check +CVE-2006-7055 (PHP remote file inclusion vulnerability in index.php in TotalCalendar ...) + TODO: check +CVE-2006-7054 (The DNS module in Arkoon FAST360 UTM appliances 3.0 up to 3.0/29, 3.1 ...) + TODO: check +CVE-2006-7053 (Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through ...) + TODO: check +CVE-2006-7052 (Multiple PHP remote file inclusion vulnerabilities in DotWidget For ...) + TODO: check +CVE-2006-7051 (The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x ...) + TODO: check +CVE-2006-7050 (Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) ...) + TODO: check +CVE-2006-7049 (The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the ...) + TODO: check +CVE-2006-7048 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 ...) + TODO: check +CVE-2006-7047 (include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ...) + TODO: check +CVE-2006-7046 (PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php ...) + TODO: check +CVE-2006-7045 (PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) ...) + TODO: check +CVE-2006-7044 (PHP remote file inclusion vulnerability in comment.core.inc.php in ...) + TODO: check +CVE-2006-7043 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk ...) + TODO: check +CVE-2006-7042 (Cross-site scripting (XSS) vulnerability in directory/index.php in ...) + TODO: check +CVE-2006-7041 (The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows ...) 
+ TODO: check +CVE-2006-7040 (Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack ...) + TODO: check +CVE-2006-7039 (The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 ...) + TODO: check +CVE-2006-7038 (Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack ...) + TODO: check +CVE-2006-7037 (Mathcad 12 through 13.1 allows local users to bypass the security ...) + TODO: check +CVE-2006-7036 (PHP remote file inclusion vulnerability in register.php for Andys Chat ...) + TODO: check +CVE-2006-7035 (Directory traversal vulnerability in make_thumbnail.php in Super Link ...) + TODO: check +CVE-2006-7034 (SQL injection vulnerability in directory.php in Super Link Exchange ...) + TODO: check +CVE-2006-7033 (Cross-site scripting (XSS) vulnerability in Super Link Exchange Script ...) + TODO: check +CVE-2006-7032 (PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB ...) + TODO: check +CVE-2006-7031 (Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote ...) + TODO: check +CVE-2006-7030 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...) + TODO: check +CVE-2006-7029 (Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers ...) + TODO: check +CVE-2006-7028 (Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, ...) + TODO: check +CVE-2006-7027 (Microsoft Internet Security and Acceleration (ISA) Server 2004 logs ...) + TODO: check +CVE-2006-7026 (PHP remote file inclusion vulnerability in sources/join.php in ...) + TODO: check +CVE-2006-7025 (SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and ...) + TODO: check +CVE-2005-4829 (VirtueMart before 1.0.1 does not properly handle errors when a user is ...) + TODO: check +CVE-2004-2679 (Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to ...) + TODO: check +CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and ...) 
+ TODO: check +CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP ...) + TODO: check +CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a ...) + TODO: check +CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of ...) + TODO: check +CVE-2002-2224 (Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 ...) + TODO: check +CVE-2002-2223 (Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to ...) + TODO: check +CVE-2002-2222 (isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and ...) + TODO: check CVE-2007-XXXX [apache does not use setsid() to detach from controlling tty ] - apache <unfixed> (bug #357561) CVE-2007-XXXX [vserver patch allows renice of processes in different context] @@ -3,5 +403,5 @@ - linux-2.6 <unfixed> (bug #412143) CVE-2007-XXXX [apg generates insecure passwords on 64-bit architectures] - - apg <unfixed> (bug #412618) + - apg <unfixed> (bug #412618) NOTE: This is not reproducible after a recompile on amd64. CVE-2007-XXXX [TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection] @@ -18,7 +418,7 @@ - pure-ftpd <unfixed> (bug #350889) CVE-2007-XXXX [MediaWiki XSS based on Microsoft Internet Explorer''s UTF-7 charset autodetection] - mediawiki1.7 1.7.1-9 (low) -CVE-2007-1049 [wordpress security issue related to code used to prevent XSS] +CVE-2007-1049 (Cross-site scripting (XSS) vulnerability in the wp_explain_nonce ...) - wordpress 2.1.1-1 (low) CVE-2007-1070 (Multiple stack-based buffer overflows in Trend Micro ServerProtect for ...) NOT-FOR-US: Trend Micro ServerProtect 
@@ -27,7 +427,7 @@ CVE-2007-1035 (Unspecified vulnerability in certain demonstration scripts in getID3 ...) NOT-FOR-US: Mediafield and Audio modules for Drupal NOTE: this is not a php-getid3 problem, but related to the way these modules embed getid3 -CVE-2007-1034 (SQL injection vulnerability in modules.php in the Emporium 2.3.0 and ...) +CVE-2007-1034 (SQL injection vulnerability in the category file in modules.php in the ...) NOT-FOR-US: Emporium for PHP-Nuke CVE-2007-1033 (Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and ...) NOT-FOR-US: Secure site for Drupal @@ -104,10 +504,9 @@ RESERVED CVE-2007-0997 RESERVED -CVE-2007-0996 - RESERVED -CVE-2007-0995 [mozilla Child frame character set inheritance] - RESERVED +CVE-2007-0996 (The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before ...) + TODO: check +CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey ...) NOTE: MFSA-2007-02 - iceweasel 2.0.0.2+dfsg-1 (low) - iceape <unfixed> (low) @@ -147,7 +546,7 @@ - asterisk-chan-capi <unfixed> (bug #411293) - linux-2.6 <unfixed> (bug #411294) NOTE: Not exploitable over ISDN network, only through a CAPI server -CVE-2007-0981 (Mozilla based browsers, including Firefox, allow remote attackers to ...) +CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x ...) NOTE: MFSA-2007-07 - iceweasel 2.0.0.1+dfsg-3 (bug #411192; high) - xulrunner <unfixed> (high) @@ -385,7 +784,7 @@ - clamav 0.90-1 (bug #411118) CVE-2007-0896 (Cross-site scripting (XSS) vulnerability in the (1) Sage before ...) - firefox-sage 1.3.10-1 -CVE-2007-0451 (Unspecified vulnerability in Apache SpamAssassin before 3.1.8 allows remote ...) +CVE-2007-0451 (Apache SpamAssassin before 3.1.8 allows remote attackers to cause a ...) - spamassassin 3.1.7-2 (bug #410843) NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318 CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...) 
@@ -429,7 +828,7 @@ NOT-FOR-US: March Networks DVR CVE-2007-0876 (Cross-site scripting (XSS) vulnerability in Quick Digital Image ...) NOT-FOR-US: Quick Digital Image Gallery -CVE-2007-0875 (SQL injection vulnerability in install.php in mcRefer allows remote ...) +CVE-2007-0875 (** DISPUTED ** ...) NOT-FOR-US: mcRefer CVE-2007-0874 (Allons_voter 1.0 allows remote attackers to bypass authentication and ...) NOT-FOR-US: Allons_voter @@ -570,8 +969,8 @@ NOT-FOR-US: Open Tibia Server CMS CVE-2007-0845 (admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote ...) NOT-FOR-US: Advanced Poll -CVE-2007-0843 - RESERVED +CVE-2007-0843 (The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, ...) + TODO: check CVE-2007-0842 (The 64-bit versions of Microsoft Visual C++ 8.0 standard library ...) NOT-FOR-US: Microsoft CVE-2007-0841 (Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have ...) 
@@ -706,32 +1105,28 @@ RESERVED CVE-2007-0781 RESERVED -CVE-2007-0780 [mozilla XSS and local file access by opening blocked popups] - RESERVED +CVE-2007-0780 (browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before ...) NOTE: MFSA-2007-05 - iceweasel 2.0.0.2+dfsg-1 (medium) - iceape <unfixed> (medium) - xulrunner <unfixed> (medium) [sarge] - mozilla-firefox <unfixed> (medium) [sarge] - mozilla <unfixed> (medium) -CVE-2007-0779 [mozilla Spoofing using custom cursor and CSS3 hotspot] - RESERVED +CVE-2007-0779 (GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ...) NOTE: MFSA-2007-04 - iceweasel 2.0.0.2+dfsg-1 (low) - iceape <unfixed> (low) - xulrunner <unfixed> (low) [sarge] - mozilla-firefox <not-affected> (introduced in firefox 1.5) [sarge] - mozilla <not-affected> (introduced in firefox 1.5) -CVE-2007-0778 [mozilla Information disclosure through cache collisions] - RESERVED +CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x ...) NOTE: MFSA-2007-03 - iceweasel 2.0.0.2+dfsg-1 (low) - iceape <unfixed> (low) - xulrunner <unfixed> (low) [sarge] - mozilla-firefox <unfixed> (low) [sarge] - mozilla <unfixed> (low) -CVE-2007-0777 [mozilla Crashes with evidence of memory corruption] - RESERVED +CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x ...) NOTE: MFSA-2007-01 - iceweasel 2.0.0.2+dfsg-1 (high) - iceape <unfixed> (high) @@ -740,8 +1135,7 @@ [sarge] - mozilla-firefox <unfixed> (high) [sarge] - mozilla-thunderbird <unfixed> (low) [sarge] - mozilla <unfixed> (high) -CVE-2007-0776 [mozilla Crashes with evidence of memory corruption] - RESERVED +CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Mozilla ...) NOTE: MFSA-2007-01 - iceweasel 2.0.0.2+dfsg-1 (high) - iceape <unfixed> (high) 
@@ -750,8 +1144,7 @@ [sarge] - mozilla-firefox <unfixed> (high) [sarge] - mozilla-thunderbird <unfixed> (low) [sarge] - mozilla <unfixed> (high) -CVE-2007-0775 [mozilla Crashes with evidence of memory corruption] - RESERVED +CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox ...) NOTE: MFSA-2007-01 - iceweasel 2.0.0.2+dfsg-1 (high) - iceape <unfixed> (high) @@ -764,11 +1157,12 @@ RESERVED CVE-2007-0773 RESERVED -CVE-2007-0772 (The Linux kernel before 2.6.20.1 allows remote attackers to cause a ...) +CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows ...) - linux-2.6 2.6.18.dfsg.1-11 CVE-2007-0771 RESERVED CVE-2007-0770 (Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted ...) + {DSA-1260} - graphicsmagick 1.1.7-12 - imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435) CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic ...) @@ -1827,10 +2221,10 @@ RESERVED CVE-2007-0322 RESERVED -CVE-2007-0321 - RESERVED -CVE-2007-0320 - RESERVED +CVE-2007-0321 (Buffer overflow in the Update Service Agent ActiveX Control in ...) + TODO: check +CVE-2007-0320 (Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) ...) + TODO: check CVE-2007-0319 RESERVED CVE-2007-0318 (The do_hfs_truncate function in Mac OS X 10.4.8 allows ...) @@ -2387,7 +2781,7 @@ NOT-FOR-US: Novell Client CVE-2007-0105 (Stack-based buffer overflow in the CSAdmin service in Cisco Secure ...) NOT-FOR-US: Cisco -CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, ...) +CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 ...) - kdegraphics 4:3.5.5-3 (unimportant) - koffice <unfixed> (unimportant) - poppler 0.4.5-5.1 (unimportant) 
@@ -3166,8 +3560,7 @@ {DSA-1256-1} - gtk+2.0 2.8.20-5 TODO: check gdk-pixbuf -CVE-2007-0009 [mozilla SSLv2 Server Stack Overflow Vulnerability] - RESERVED +CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network ...) NOTE: MFSA-2007-06 - iceweasel 2.0.0.2+dfsg-1 (low) - iceape <unfixed> (low) @@ -3175,8 +3568,7 @@ [sarge] - mozilla-firefox <unfixed> (high) [sarge] - mozilla <unfixed> (high) - firefox <removed> (high) -CVE-2007-0008 [SSLv2 Client Integer Underflow Vulnerability] - RESERVED +CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Security ...) NOTE: MFSA-2007-06 - iceweasel 2.0.0.2+dfsg-1 (low) - iceape <unfixed> (low) @@ -3196,8 +3588,8 @@ - pam <not-affected> (Only pam 0.99.7 affected) CVE-2007-0002 RESERVED -CVE-2007-0001 - RESERVED +CVE-2007-0001 (The file watch implementation in the audit subsystem (auditctl -w) in ...) + TODO: check CVE-2006-6659 (The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in ...) NOT-FOR-US: Microsoft CVE-2006-6658 (Inktomi Search 4.1.4 allows remote attackers to obtain sensitive ...) @@ -3212,7 +3604,7 @@ NOT-FOR-US: NetBSD CVE-2006-6653 (The accept function in NetBSD-current before 20061023, NetBSD 3.0 and ...) NOT-FOR-US: NetBSD -CVE-2006-6652 (Buffer overflow in the glob implementation in libc in NetBSD-current ...) +CVE-2006-6652 (Buffer overflow in the glob implementation (glob.c) in libc in ...) NOT-FOR-US: NetBSD CVE-2006-6651 (Race condition in W29N51.SYS in the Intel 2200BG wireless driver ...) NOT-FOR-US: Intel @@ -3655,8 +4047,8 @@ REJECTED CVE-2006-6491 REJECTED -CVE-2006-6490 - RESERVED +CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue ...) + TODO: check CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for ...) NOT-FOR-US: SISCO OSI stack CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...) 
@@ -4969,8 +5361,7 @@ CVE-2006-5878 (Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 ...) {DSA-1209} - trac 0.10.1-1 (bug #397683) -CVE-2006-5877 [enigmail memory corruption] - RESERVED +CVE-2006-5877 (The enigmail extension before 0.94.2 does not properly handle large, ...) - enigmail 2:0.94.2-1 (bug #406604) CVE-2006-5876 (The soup_headers_parse function in soup-headers.c for libsoup HTTP ...) {DSA-1248-1} @@ -5001,10 +5392,11 @@ {DSA-1213} - imagemagick 7:6.2.4.5.dfsg1-0.11 CVE-2006-5867 (fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit ...) + {DSA-1259-1} - fetchmail 6.3.6-1 (low) CVE-2006-5866 (Directory traversal vulnerability in Mdoc/view-sourcecode.php for ...) NOT-FOR-US: phpManta -CVE-2006-5865 (PHP remote file inclusion vulnerability in language.inc.php for Script ...) +CVE-2006-5865 (PHP remote file inclusion vulnerability in language.inc.php in MyAlbum ...) NOT-FOR-US: Script Dowload CVE-2006-5863 (PHP remote file inclusion vulnerability in inc/session.php for ...) NOT-FOR-US: LetterIt @@ -6796,7 +7188,7 @@ [sarge] - busybox <not-affected> (Vulnerable code not present) CVE-2006-5049 (Unspecified vulnerability in Classifieds (com_classifieds) component ...) NOT-FOR-US: Classifieds (com_classifieds) component for Joomla! -CVE-2006-5048 (Unspecified vulnerability in Security Images (com_securityimages) ...) +CVE-2006-5048 (Multiple PHP remote file inclusion vulnerabilities in Security Images ...) NOT-FOR-US: Security Images (com_securityimages) component for Joomla! CVE-2006-5047 (Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 ...) NOT-FOR-US: RS Gallery2 component for Joomla! (com_rsgallery2) 
@@ -9789,7 +10181,7 @@ NOT-FOR-US: FlushCMS CVE-2006-3754 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: FlushCMS -CVE-2006-3753 (setcookie.php for tthe administration login in Professional Home Page ...) +CVE-2006-3753 (setcookie.php for the administration login in Professional Home Page ...) NOT-FOR-US: Professional Home Page Tools Guestbook CVE-2006-3752 (Multiple SQL injection vulnerabilities in class.php in Professional ...) NOT-FOR-US: Professional Home Page Tools Guestbook @@ -10947,7 +11339,7 @@ NOT-FOR-US: IBM WebSphere CVE-2006-3230 (Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus ...) NOT-FOR-US: Azureus plugin that isn''t distributed by default -CVE-2006-3229 (Cross-site scripting (XSS) vulnerability in OpenWebMail (OWM) 2.52, ...) +CVE-2006-3229 (Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, ...) NOT-FOR-US: OpenWebMail CVE-2006-3228 (Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including ...) NOT-FOR-US: WinAmp @@ -11304,7 +11696,7 @@ NOT-FOR-US: IBM DB2 CVE-2006-3065 (SQL injection vulnerability in engine/shards/blog.php in blur6ex ...) NOT-FOR-US: blur6ex -CVE-2006-3064 (SQL injection vulnerability in include/function.inc.php in Coppermine ...) +CVE-2006-3064 (SQL injection vulnerability in the add_hit function in ...) NOT-FOR-US: Coppermine Photo Gallery CVE-2006-3063 (Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook ...) NOT-FOR-US: myPHP Guestbook @@ -14125,7 +14517,7 @@ NOT-FOR-US: Oracle CVE-2006-1866 (Multiple unspecified vulnerabilities in Oracle Database Server ...) NOT-FOR-US: Oracle -CVE-2006-1865 (Beagle before 0.2.5 can produce certain insecure command lines to ...) +CVE-2006-1865 (Argument injection vulnerability in Beagle before 0.2.5 allows ...) - beagle 0.2.6-2 (bug #365371; medium) CVE-2006-1864 (Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier ...) {DSA-1103 DSA-1097-1} 
@@ -15458,7 +15850,7 @@ NOT-FOR-US: Baby FTP Server CVE-2002-2209 (Unspecified "security vulnerability" in Baby FTP Server versions ...) NOT-FOR-US: Baby FTP Server -CVE-2006-1378 (PasswordSafe 3.0, when running on Windows before XP, uses a weak ...) +CVE-2006-1378 (PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak ...) NOT-FOR-US: PasswordSafe CVE-2006-1377 (Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog ...) NOT-FOR-US: EasyMoblog @@ -15723,7 +16115,7 @@ NOT-FOR-US: glFTPd CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) ...) NOT-FOR-US: Light Weight Calendar -CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to delete ...) +CVE-2006-1251 (Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 ...) - sa-exim 4.2.1-1 (bug #345071; bug #356301) CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail before 4.3 ...) NOT-FOR-US: Winmail @@ -16885,7 +17277,7 @@ NOT-FOR-US: Network Object Oriented File System (NOOFS) CVE-2006-0750 (SQL injection vulnerability in army.php in supersmashbrothers (SSB) ...) NOT-FOR-US: supersmashbrothers -CVE-2006-0749 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...) +CVE-2006-0749 (nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before ...) {DSA-1051-1 DSA-1046-1 DSA-1044-1} - firefox 1.5.dfsg+1.5.0.2 (low) - mozilla-firefox 1.5.dfsg+1.5.0.2 (low) @@ -16966,7 +17358,7 @@ NOT-FOR-US: Plume CMS CVE-2006-0724 (profile.php in Reamday Enterprises Magic News Lite 1.2.3, when ...) NOT-FOR-US: Reamday Enterprises Magic News Lite -CVE-2006-0723 (preview.php in Reamday Enterprises Magic News Lite 1.2.3, when ...) +CVE-2006-0723 (PHP remote file inclusion vulnerability in preview.php in Reamday ...) NOT-FOR-US: Reamday Enterprises Magic News Lite CVE-2006-0722 (settings.php in Reamday Enterprises Magic Downloads 1.1.3, when ...) NOT-FOR-US: Reamday Enterprises Magic News Lite 
@@ -17797,7 +18189,7 @@ NOT-FOR-US: 123 Flash Chat Server CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and ...) NOT-FOR-US: miniBloggie -CVE-2006-0416 (SleeperChat 0.3f an earlier allows remote attackers to bypass ...) +CVE-2006-0416 (SleeperChat 0.3f and earlier allows remote attackers to bypass ...) NOT-FOR-US: SleeperChat CVE-2006-0415 (Cross-site scripting (XSS) vulnerability in index.php in SleeperChat ...) NOT-FOR-US: SleeperChat @@ -19812,7 +20204,7 @@ NOT-FOR-US: Captcha CVE-2005-4162 (Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME ...) NOT-FOR-US: ACME PerlCal -CVE-2005-4161 (Multiple cross-site scripting (XSS) vulnerabilities in MilliScripts ...) +CVE-2005-4161 (** DISPUTED ** ...) NOT-FOR-US: MilliScripts CVE-2005-4160 (Directory traversal vulnerability in getdox.php in Torrential 1.2 ...) NOT-FOR-US: Torrential @@ -21705,7 +22097,7 @@ NOT-FOR-US: Active PHP Bookmarks CVE-2003-1254 (Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute ...) NOT-FOR-US: Active PHP Bookmarks -CVE-2003-1253 (Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code ...) +CVE-2003-1253 (PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows ...) NOT-FOR-US: Bookmark4U CVE-2003-1252 (register.php in S8Forum 3.0 allows remote attackers to execute ...) NOT-FOR-US: S8Forum @@ -32856,7 +33248,7 @@ NOT-FOR-US: Privateer''s Bounty: Age of Sail II CVE-2004-1618 (Vypress Tonecast 1.3 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Tonecast -CVE-2004-1617 (Lynx and lynx-ssl allow remote attackers to cause a denial of service ...) +CVE-2004-1617 (Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers ...) {DSA-1077-1 DSA-1076-1} - lynx 2.8.5-2sarge1.2 (bug #296340; bug #384725; low) - lynx-cur 2.8.6-6 (low) 
@@ -39268,9 +39660,9 @@ NOT-FOR-US: XMBforum aka Partagium) CVE-2003-0374 (Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus ...) - nessus 2.0.6 -CVE-2003-0373 (Multiple buffer overflows in Nessus before 2.0.6 allow local users ...) +CVE-2003-0373 (Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow ...) - nessus 2.0.6 -CVE-2003-0372 (Signed integer vulnerability in libnsl in Nessus before 2.0.6 allows ...) +CVE-2003-0372 (Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows ...) - nessus 2.0.6 CVE-2003-0371 (Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers ...) NOT-FOR-US: Prishtina FTP client
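Review bot: In the hunk at @@ -5001,10 +5392,11 @@, the NOT-FOR-US line under CVE-2006-5865 still reads "Script Dowload" even though the updated description now places language.inc.php in MyAlbum. That triage line was written against the old wording and also misspells "Download", so it should be re-checked by hand and changed to name the product the new description refers to. The automatic update only rewrites the description line, so this kind of drift will not correct itself.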
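Review bot: In the hunk at @@ -19812,7 +20204,7 @@, the new summary for CVE-2005-4161 is only "** DISPUTED ** ..." and no longer states the vulnerability class or the product. The removed line said it was multiple XSS issues in MilliScripts, and now only the NOT-FOR-US: MilliScripts line below identifies the entry at all. Suggest the update script skip past the dispute marker before truncating the description, or that a short note recording the original claim be kept under the entry so the list remains readable without looking the id up elsewhere.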
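Review bot: In the hunk at @@ -10947,7 +11339,7 @@, the description for CVE-2006-3229 now spells the product "Open WebMail" while the NOT-FOR-US line beneath it keeps "OpenWebMail", so a text search on either spelling finds only half of the entry. Pick one spelling for the triage line and use it consistently. The context line above it in the same hunk also carries a doubled apostrophe ("isn''t"), which looks like quoting residue and is worth cleaning up in a manual follow-up commit.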