Author: joeyh
Date: 2007-01-04 21:14:20 +0100 (Thu, 04 Jan 2007)
New Revision: 5208

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2007-01-03 17:40:30 UTC (rev 5207)
+++ data/CVE/list 2007-01-04 20:14:20 UTC (rev 5208)
@@ -1,3 +1,117 @@ +CVE-2007-0050 (** DISPUTED ** ...) + TODO: check +CVE-2007-0049 (Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to ...) + TODO: check +CVE-2007-0048 (Adobe Acrobat Reader Plugin before 8.0.0, when used with Internet ...) + TODO: check +CVE-2007-0047 (CRLF injection vulnerability in Adobe Acrobat Reader Plugin before ...) + TODO: check +CVE-2007-0046 (Double free vulnerability in the Adobe Acrobat Reader Plugin before ...) + TODO: check +CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat ...) + TODO: check +CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet ...) + TODO: check +CVE-2007-0043 + RESERVED +CVE-2007-0042 + RESERVED +CVE-2007-0041 + RESERVED +CVE-2007-0040 + RESERVED +CVE-2007-0039 + RESERVED +CVE-2007-0038 + RESERVED +CVE-2007-0037 + RESERVED +CVE-2007-0036 + RESERVED +CVE-2007-0035 + RESERVED +CVE-2007-0034 + RESERVED +CVE-2007-0033 + RESERVED +CVE-2007-0032 + RESERVED +CVE-2007-0031 + RESERVED +CVE-2007-0030 + RESERVED +CVE-2007-0029 + RESERVED +CVE-2007-0028 + RESERVED +CVE-2007-0027 + RESERVED +CVE-2007-0026 + RESERVED +CVE-2007-0025 + RESERVED +CVE-2007-0024 + RESERVED +CVE-2007-0023 + RESERVED +CVE-2007-0022 + RESERVED +CVE-2007-0021 + RESERVED +CVE-2007-0020 + RESERVED +CVE-2007-0019 + RESERVED +CVE-2007-0018 + RESERVED +CVE-2007-0017 (Format string vulnerability in VideoLAN VLC 0.8.6 allows user-assisted ...) + TODO: check +CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...) + TODO: check +CVE-2006-6858 (Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo ...) + TODO: check +CVE-2006-6857 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2006-6856 (Direct static code injection vulnerability in WebText CMS 0.4.5.2 and ...) + TODO: check +CVE-2006-6855 (AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to ...) 
+ TODO: check +CVE-2006-6854 (The qcamvc_video_init function in qcamvc.c in De Marchi Daniele ...) + TODO: check +CVE-2006-6853 (Buffer overflow in Durian Web Application Server 3.02 freeware on ...) + TODO: check +CVE-2006-6852 (Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 ...) + TODO: check +CVE-2006-6851 (Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php ...) + TODO: check +CVE-2006-6850 (PHP remote file inclusion vulnerability in include.php in the Roster ...) + TODO: check +CVE-2006-6849 (administration/index.php in Cahier de texte (CDT) 2.2 does not ...) + TODO: check +CVE-2006-6848 (SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows ...) + TODO: check +CVE-2006-6847 (An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 ...) + TODO: check +CVE-2006-6846 (Multiple SQL injection vulnerabilities in WYWO - InOut Board 1.0 allow ...) + TODO: check +CVE-2006-6845 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made ...) + TODO: check +CVE-2006-6844 (Cross-site scripting (XSS) vulnerability in the optional user comment ...) + TODO: check +CVE-2006-6843 (PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 ...) + TODO: check +CVE-2006-6842 (SQL injection vulnerability in admin/admin_acronyms.php in the Acronym ...) + TODO: check +CVE-2006-6841 (Certain forms in phpBB before 2.0.22 lack session checks, which has ...) + TODO: check +CVE-2006-6840 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...) + TODO: check +CVE-2006-6839 (Unspecified vulnerability in phpBB before 2.0.22 has unknown impact ...) + TODO: check +CVE-2006-6838 (Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to ...) + TODO: check +CVE-2006-6837 (Multiple stack-based buffer overflows in the (1) LoadTree, (2) ...) + TODO: check CVE-2007-XXXX [webcam-server unspecified vulnerability] - webcam-server 0.50-2 CVE-2007-XXXX [libsoup parse_headers_DoS] 
@@ -118,7 +232,7 @@ TODO: check CVE-2006-6784 (SQL injection vulnerability in Netbula Anyboard allows remote ...) TODO: check -CVE-2006-6783 (Unrestricted file upload vulnerability in logahead UNU 1.0 allows ...) +CVE-2006-6783 (logahead UNU 1.0 before 20061226 allows remote attackers to upload ...) TODO: check CVE-2006-6782 (Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and ...) TODO: check @@ -887,8 +1001,8 @@ RESERVED CVE-2006-6489 RESERVED -CVE-2006-6488 - RESERVED +CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...) + TODO: check CVE-2006-6487 RESERVED CVE-2006-6486 (SQL injection vulnerability in EasyPage allows remote attackers to ...) @@ -2202,8 +2316,8 @@ CVE-2006-5871 (smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before ...) {DSA-1237 DSA-1233} - linux-2.6 <not-affected> (Current Linux versions already implement intended behaviour) -CVE-2006-5870 - RESERVED +CVE-2006-5870 (Multiple integer overflows in OpenOffice.org 2.0.4 and earlier, and ...) + TODO: check CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ...) {DSA-1220} - pstotext 1.9-4 (bug #356988; medium) @@ -2459,8 +2573,8 @@ - linux-2.6 2.6.18-8 (medium) CVE-2006-5750 (Directory traversal vulnerability in the DeploymentFileRepository ...) NOT-FOR-US: JBoss -CVE-2006-5749 - RESERVED +CVE-2006-5749 (The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c ...) + TODO: check CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in ...) {DSA-1227-1 DSA-1225-1 DSA-1224-1} NOTE: MFSA-2006-65 
@@ -5016,22 +5130,22 @@ NOT-FOR-US: Tr Forum CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...) NOT-FOR-US: FlashChat -CVE-2006-4582 - RESERVED -CVE-2006-4581 - RESERVED -CVE-2006-4580 - RESERVED -CVE-2006-4579 - RESERVED -CVE-2006-4578 - RESERVED -CVE-2006-4577 - RESERVED -CVE-2006-4576 - RESERVED -CVE-2006-4575 - RESERVED +CVE-2006-4582 (Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e ...) + TODO: check +CVE-2006-4581 (Unrestricted file upload vulnerability in The Address Book 1.04e validates ...) + TODO: check +CVE-2006-4580 (register.php in The Address Book 1.04e allows remote attackers to ...) + TODO: check +CVE-2006-4579 (Directory traversal vulnerability in users.php in The Address Book ...) + TODO: check +CVE-2006-4578 (export.php in The Address Book 1.04e writes username and password hash ...) + TODO: check +CVE-2006-4577 (Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e ...) + TODO: check +CVE-2006-4576 (Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows ...) + TODO: check +CVE-2006-4575 (Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote ...) + TODO: check CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark ...) - wireshark 0.99.4-1 (bug #396258; medium) CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8 combining characters ...)
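Review bot: In the first hunk (@@ -1,3 +1,117 @@), CVE-2007-0050 is imported with a summary of only "** DISPUTED ** ...", so the entry names no product and whoever picks up the TODO has nothing to triage from without looking the identifier up elsewhere. Suggest the import keep the text that follows the DISPUTED marker when it truncates. In the same hunk, CVE-2006-6852 reads "tDiary 2.0.3 and 2.1.4.200 61127", where the space inside the second version string looks like a line-wrap artifact and will defeat a search for that version.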
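Review bot: CVE-2006-5749 in the @@ -2459,8 +2573,8 @@ hunk names drivers/isdn/isdn_ppp.c, a kernel source path, yet it goes in as a plain "TODO: check" while the context line at the top of the same hunk already tracks "- linux-2.6 2.6.18-8 (medium)". Suggest a follow-up that gives it a linux-2.6 line (a fixed version, or <not-affected> with a reason as CVE-2006-5871 has) so it does not wait in the generic TODO queue with the web-application entries.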
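Review bot: The eight entries CVE-2006-4575 through CVE-2006-4582 in the last hunk (@@ -5016,22 +5130,22 @@) all describe The Address Book 1.04e, and each one gets its own "TODO: check". They should be resolved in one pass with a single decision, written the way the context lines in this hunk do for Tr Forum and FlashChat ("NOT-FOR-US: <name>") if the software is not packaged, instead of being checked eight separate times.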