Author: joeyh Date: 2007-01-22 21:14:11 +0100 (Mon, 22 Jan 2007) New Revision: 5326 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-22 19:29:20 UTC (rev 5325) +++ data/CVE/list 2007-01-22 20:14:11 UTC (rev 5326) @@ -1,3 +1,73 @@ +CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...) + TODO: check +CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in ...) + TODO: check +CVE-2007-0395 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file ...) + TODO: check +CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors ...) + TODO: check +CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors ...) + TODO: check +CVE-2007-0391 (Format string vulnerability in the log creation functionality of ...) + TODO: check +CVE-2007-0390 (Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 ...) + TODO: check +CVE-2007-0389 (Directory traversal vulnerability in ArsDigita Community System (ACS) ...) + TODO: check +CVE-2007-0388 (SQL injection vulnerability in search.php in Woltlab Burning Board ...) + TODO: check +CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks ...) + TODO: check +CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...) + TODO: check +CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain ...) + TODO: check +CVE-2007-0384 (Cross-site scripting (XSS) vulnerability in preview in the reviews ...) + TODO: check +CVE-2007-0383 (** DISPUTED ** ...) + TODO: check +CVE-2007-0382 (Multiple SQL injection vulnerabilities in letterman.class.php in the ...) + TODO: check +CVE-2007-0381 (Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote ...) + TODO: check +CVE-2007-0380 (DocMan 1.3 RC2 allows remote attackers to obtain sensitive information ...) + TODO: check +CVE-2007-0379 (Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows ...) + TODO: check +CVE-2007-0378 (Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow ...) + TODO: check +CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote ...) + TODO: check +CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows ...) + TODO: check +CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and ...) + TODO: check +CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow ...) + TODO: check +CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...) + TODO: check +CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ...) + TODO: check +CVE-2007-0370 (Unrestricted file upload vulnerability in index.php in phpBP RC3 ...) + TODO: check +CVE-2007-0369 (SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows ...) + TODO: check +CVE-2007-0368 (Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local ...) + TODO: check +CVE-2007-0367 (Rumpus 5.1 and earlier has weak permissions for certain files and ...) + TODO: check +CVE-2007-0366 (Untrusted search path vulnerability in Rumpus 5.1 and earlier allows ...) + TODO: check +CVE-2007-0365 (Multiple cross-site scripting (XSS) vulnerabilities in All In One ...) + TODO: check +CVE-2007-0364 (Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com ...) + TODO: check +CVE-2006-6945 (SQL injection vulnerability in Virtuemart 1.0.7 allows remote ...) + TODO: check CVE-2007-XXXX [libjabber DoS] - centericq 4.21.0-18 (bug #406982) CVE-2007-XXXX [python-django several issues] @@ -146,7 +216,7 @@ TODO: check CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...) - phpmyadmin 4:2.9.1.1-2 (medium) -CVE-2006-6943 (hpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...) +CVE-2006-6943 (PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...) - phpmyadmin 4:2.9.1.1-2 (medium) NOTE: Fixed name in CVE. CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin ...) @@ -814,7 +884,7 @@ TODO: check CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...) TODO: check -CVE-2006-6883 (** DISPUTED ** PHP remote file inclusion vulnerability in php4you.php ...) +CVE-2006-6883 (** DISPUTED ** ...) TODO: check CVE-2006-6882 (Cross-site scripting (XSS) vulnerability in golden book allows remote ...) TODO: check @@ -948,8 +1018,8 @@ RESERVED CVE-2007-0020 RESERVED -CVE-2007-0019 - RESERVED +CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...) + TODO: check CVE-2007-0018 RESERVED CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler ...)