Author: micah Date: 2007-01-28 02:57:35 +0100 (Sun, 28 Jan 2007) New Revision: 5364 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-27 23:49:09 UTC (rev 5363) +++ data/CVE/list 2007-01-28 01:57:35 UTC (rev 5364) @@ -951,35 +951,35 @@ CVE-2007-0090 (WineGlass stores sensitive information under the web root with ...) NOT-FOR-US: WineGlass CVE-2007-0089 (jgbbs stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: jgbbs CVE-2007-0088 (Multiple directory traversal vulnerabilities in openmedia allow remote ...) - TODO: check + NOT-FOR-US: openmedia CVE-2007-0087 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Microsoft IIS CVE-2007-0086 (** DISPUTED ** ...) TODO: check CVE-2007-0085 (Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics ...) - TODO: check + NOT-FOR-US: OpenBSD VGA wscons driver CVE-2007-0084 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Windows NT CVE-2007-0083 (Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier ...) - TODO: check + NOT-FOR-US: Nuked Klan CVE-2007-0082 (users_adm/start1.php in IMGallery 2.5 and earlier does not properly ...) - TODO: check + NOT-FOR-US: IMGallery CVE-2007-0081 (Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and ...) - TODO: check + NOT-FOR-US: Sunbelt Kerio Personal Firewall CVE-2007-0080 (Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 ...) TODO: check CVE-2007-0079 (rblog stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: rblog CVE-2007-0078 (BattleBlog stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: BattleBlog CVE-2007-0077 (lblog stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: lblog CVE-2007-0076 (Openforum stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: Openforum CVE-2007-0075 (AspBB stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: AspBB CVE-2007-0074 RESERVED CVE-2007-0073 @@ -1017,33 +1017,33 @@ CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through ...) NOT-FOR-US: Cisco CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe ...) - TODO: check + NOT-FOR-US: AShop Deluxe CVE-2007-0055 (Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in ...) - TODO: check + NOT-FOR-US: Formbankserver CVE-2007-0054 (Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior ...) - TODO: check + NOT-FOR-US: Belchior Foundry vCard PRO CVE-2007-0053 (SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer ...) - TODO: check + NOT-FOR-US: ASP SiteWare autoDealer CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows ...) - TODO: check + NOT-FOR-US: Vizayn Haber CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and possibly ...) NOT-FOR-US: Apple iPhoto CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...) - TODO: check + NOT-FOR-US: Fersch Formbankserver CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka ...) - TODO: check + NOT-FOR-US: Karl Dahlke Edbrowse CVE-2006-6908 (Buffer overflow in the Bluetooth Stack COM Server in the Widcomm ...) - TODO: check + NOT-FOR-US: Bluetooth Stack COM Server (Windows) CVE-2006-6907 (Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown ...) - TODO: check + NOT-FOR-US: Bluesoil Bluetooth CVE-2006-6906 (Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and ...) - TODO: check + NOT-FOR-US: Bluetooth stack on Mac OS CVE-2006-6905 (Unspecified vulnerability in the Widcomm Bluetooth stack allows remote ...) - TODO: check + NOT-FOR-US: Widcomm Bluetooth CVE-2006-6904 (Unspecified vulnerability in the Broadcom Bluetooth stack allows ...) TODO: check CVE-2006-6903 (Unspecified vulnerability in the Toshiba Bluetooth stack allows remote ...) - TODO: check + NOT-FOR-US: Toshiba Bluetooth stack CVE-2006-6902 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...) NOT-FOR-US: Windows Mobile CVE-2006-6901 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...) @@ -1053,19 +1053,19 @@ CVE-2006-6899 (hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to ...) TODO: check CVE-2006-6898 (Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote ...) - TODO: check + NOT-FOR-US: Widcomm Bluetooth CVE-2006-6897 (Directory traversal vulnerability in Widcomm Bluetooth for Windows ...) - TODO: check + NOT-FOR-US: Widcomm Bluetooth CVE-2006-6896 (The Bluetooth stack in the Plantronic Headset does not properly ...) - TODO: check + NOT-FOR-US: Plantronic Headset CVE-2006-6895 (The Bluetooth stack in the Sony Ericsson T60 does not properly ...) - TODO: check + NOT-FOR-US: Sony Ericsson T60 CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown ...) NOT-FOR-US: SPINE CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a hidden ...) TODO: check CVE-2006-6892 (Cross-site scripting (XSS) vulnerability in the GetLocation function ...) - TODO: check + NOT-FOR-US: Jonathon J. Freeman OvBB CVE-2006-6891 (Vz (Adp) Forum 2.0.3 stores sensitive information under the web root ...) TODO: check CVE-2006-6890 (Voodoo chat 1.0RC1b stores sensitive information under the web root ...) @@ -1206,13 +1206,13 @@ CVE-2007-0024 (Integer overflow in the Vector Markup Language (VML) implementation ...) NOT-FOR-US: Microsoft IE CVE-2007-0023 (The CFUserNotificationSendRequest function in ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2007-0022 (Untrusted search path vulnerability in writeconfig in Apple Mac OS X ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2007-0021 (Format string vulnerability in Apple iChat 3.1.6 allows remote ...) - TODO: check + NOT-FOR-US: Apple iChat CVE-2007-0020 (Heap-based buffer overflow in the SFTP protocol handler for Panic ...) - TODO: check + NOT-FOR-US: Panic Transmit CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...) NOT-FOR-US: Maxum Rumpus CVE-2007-0018 @@ -1270,7 +1270,7 @@ CVE-2007-0015 (Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to ...) NOT-FOR-US: Apple Quicktime CVE-2007-0014 (ChainKey Java Code Protection allows attackers to decompile Java class ...) - TODO: check + NOT-FOR-US: ChainKey Java Code Protection CVE-2007-0013 RESERVED CVE-2007-0012