Author: joeyh Date: 2007-01-24 09:14:12 +0100 (Wed, 24 Jan 2007) New Revision: 5341 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-23 22:44:01 UTC (rev 5340) +++ data/CVE/list 2007-01-24 08:14:12 UTC (rev 5341) 
@@ -1,3 +1,77 @@ +CVE-2007-0471 (sre/params.php in Check Point Connectra NGX R62 and earlier allows ...) + TODO: check +CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and ...) + TODO: check +CVE-2007-0469 (The extract_files function in installer.rb in RubyGems before 0.9.1 ...) + TODO: check +CVE-2007-0468 (Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ ...) + TODO: check +CVE-2007-0467 + RESERVED +CVE-2007-0466 + RESERVED +CVE-2007-0465 + RESERVED +CVE-2007-0464 + RESERVED +CVE-2007-0463 + RESERVED +CVE-2007-0462 + RESERVED +CVE-2007-0461 (Multiple memory leaks in the Dazuko anti-virus helper module before ...) + TODO: check +CVE-2007-0460 (Buffer overflow in ulogd for SUSE Linux 9.3 up to 10.1, and possibly ...) + TODO: check +CVE-2007-0459 + RESERVED +CVE-2007-0458 + RESERVED +CVE-2007-0457 + RESERVED +CVE-2007-0456 + RESERVED +CVE-2007-0455 + RESERVED +CVE-2007-0454 + RESERVED +CVE-2007-0453 + RESERVED +CVE-2007-0452 + RESERVED +CVE-2007-0451 + RESERVED +CVE-2007-0450 + RESERVED +CVE-2007-0449 (Multiple buffer overflows in CA BrightStor ARCserve Backup for Laptops ...) + TODO: check +CVE-2007-0448 + RESERVED +CVE-2007-0447 + RESERVED +CVE-2007-0446 + RESERVED +CVE-2007-0445 + RESERVED +CVE-2007-0444 + RESERVED +CVE-2007-0443 + RESERVED +CVE-2007-0442 (Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown ...) + TODO: check +CVE-2007-0441 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) + TODO: check +CVE-2007-0440 + RESERVED +CVE-2007-0439 + RESERVED +CVE-2007-0438 + RESERVED +CVE-2007-0437 + RESERVED +CVE-2007-0436 + RESERVED +CVE-2005-4824 (PHP remote file inclusion vulnerability in web/classes.php in ...) + TODO: check CVE-2007-0435 (T-Com Speedport 500V routers with firmware 1.31 allow remote attackers ...) NOT-FOR-US: T-Com Speedport CVE-2007-0434 (BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 ...) 
@@ -367,7 +441,7 @@ NOT-FOR-US: Oracle CVE-2007-0276 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and ...) NOT-FOR-US: Oracle -CVE-2007-0275 (Unspecified vulnerability in Oracle Workflow Cartridge, as used in ...) +CVE-2007-0275 (Cross-site scripting (XSS) vulnerability in Oracle Reports Web ...) NOT-FOR-US: Oracle CVE-2007-0274 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and ...) NOT-FOR-US: Oracle @@ -1107,14 +1181,14 @@ RESERVED CVE-2007-0024 (Integer overflow in the Vector Markup Language (VML) implementation ...) NOT-FOR-US: Microsoft IE -CVE-2007-0023 - RESERVED +CVE-2007-0023 (The CFUserNotificationSendRequest function in ...) + TODO: check CVE-2007-0022 (Untrusted search path vulnerability in writeconfig in Apple Mac OS X ...) TODO: check CVE-2007-0021 (Format string vulnerability in Apple iChat 3.1.6 allows remote ...) TODO: check -CVE-2007-0020 - RESERVED +CVE-2007-0020 (Heap-based buffer overflow in the SFTP protocol handler for Panic ...) + TODO: check CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...) NOT-FOR-US: Maxum Rumpus CVE-2007-0018 @@ -1593,8 +1667,7 @@ RESERVED CVE-2007-0004 RESERVED -CVE-2007-0003 [pam missing len check] - RESERVED +CVE-2007-0003 (pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers ...) - pam <not-affected> (Only pam 0.99.7 affected) CVE-2007-0002 RESERVED @@ -7275,7 +7348,7 @@ NOT-FOR-US: Calendarix CVE-2006-4134 (Unspecified vulnerability related to a "design flaw" in SAP Internet ...) NOT-FOR-US: SAP -CVE-2006-4133 (Buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and ...) +CVE-2006-4133 (Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 ...) NOT-FOR-US: SAP CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and ...) NOT-FOR-US: ArcSoft MMS Composer 
@@ -35644,7 +35717,7 @@ NOT-FOR-US: Xlight FTP server 1.52; CVE-2004-0286 (Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote ...) NOT-FOR-US: RobotFTP; -CVE-2004-0285 (PHP remote file inclusion vulnerabilities in (1) AllMyVisitors, (2) ...) +CVE-2004-0285 (PHP remote file inclusion vulnerabilities in include/footer.inc.php in ...) NOT-FOR-US: PHP scripts CVE-2004-0284 (Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow ...) NOT-FOR-US: MSIE bugs
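Review bot: in the @@ -1,3 +1,77 @@ hunk, the new entries for Check Point Connectra, Sun Solaris tip, Visual C++, CA BrightStor, IBM OS/400 and HP OpenView are all left at TODO: check, although the context lines directly below tag a comparable vendor product as NOT-FOR-US (T-Com Speedport). These can be closed with the same tag in a follow-up, which leaves RubyGems, Dazuko and ulogd as the entries that need an actual package check. Also, CVE-2005-4824 is added between CVE-2007-0436 and CVE-2007-0435, breaking the descending id order the rest of the hunk follows; if that placement is intentional for late-assigned ids, it is worth saying so in the commit log.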
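Review bot: in the @@ -1593,8 +1667,7 @@ hunk, the CVE-2007-0003 description now names Linux-PAM 0.99.7.0 while the retained status line still reads "(Only pam 0.99.7 affected)"; align the version string in the status line with the description so the not-affected reasoning is unambiguous. The same change drops the working title "[pam missing len check]", so if that detail was the basis for the triage decision it should be kept as a note under the entry rather than lost.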
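Review bot: in the @@ -367,7 +441,7 @@ hunk, the CVE-2007-0275 description changes from an unspecified issue in Oracle Workflow Cartridge to a cross-site scripting issue in Oracle Reports Web, which is a different component, while the NOT-FOR-US: Oracle tag underneath was written against the old text. The tag still fits here because the vendor is unchanged, but an automatic update that rewrites descriptions this substantially should flag the entry for re-review instead of silently keeping the earlier triage; the same applies to the CVE-2004-0285 rewrite in the @@ -35644,7 +35717,7 @@ hunk, where the product list is replaced and the tag is only "PHP scripts".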