Author: fw Date: 2007-03-24 10:11:37 +0000 (Sat, 24 Mar 2007) New Revision: 5579 Modified: data/CVE/list Log: CVE-2007-1540, CVE-2007-1541: sql-ledger CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547: nas NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-24 09:52:27 UTC (rev 5578) +++ data/CVE/list 2007-03-24 10:11:37 UTC (rev 5579) @@ -65,7 +65,7 @@ CVE-2007-1558 RESERVED CVE-2007-1557 (Format string vulnerability in F-Secure Anti-Virus Client Security ...) - TODO: check + NOT-FOR-US: F-Secure CVE-2007-1556 (SQL injection vulnerability in kommentare.php in Creative Files 1.2 ...) TODO: check CVE-2007-1555 (SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 ...) @@ -85,49 +85,49 @@ CVE-2007-1548 (SQL injection vulnerability in functions/functions_filters.asp in Web ...) TODO: check CVE-2007-1547 (The ReadRequestFromClient function in server/os/io.c in Network Audio ...) - TODO: check + - nas <unfixed> (low) CVE-2007-1546 (Array index error in Network Audio System (NAS) before 1.8a SVN 237 ...) - TODO: check + - nas <unfixed> (low) CVE-2007-1545 (The AddResource function in server/dia/resource.c in Network Audio ...) - TODO: check + - nas <unfixed> (low) CVE-2007-1544 (Integer overflow in the ProcAuWriteElement function in ...) - TODO: check + - nas <unfixed> (low) CVE-2007-1543 (Stack-based buffer overflow in the accept_att_local function in ...) - TODO: check + - nas <unfixed> (medium) CVE-2007-1542 (Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-1541 (Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only ...) - TODO: check + - sql-ledger <unfixed> (bug #409703) CVE-2007-1540 (Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 and ...) - TODO: check + - sql-ledger <unfixed> (bug #409703) CVE-2007-1539 (Directory traversal vulnerability in inc/map.func.php in pragmaMX ...) TODO: check CVE-2007-1538 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: McAfee CVE-2007-1537 (\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1536 (Integer underflow in the file_printf function in the "file" program ...) - file 4.20-1 (bug #415362; high) NOTE: Has got lots of reverse dependencies. NOTE: Some of them process remotely supplied untrusted input. CVE-2007-1535 (Microsoft Windows Vista establishes a Teredo address without user ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1534 (DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1533 (The Teredo implementation in Microsoft Windows Vista uses the same ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1532 (The neighbor discovery implementation in Microsoft Windows Vista ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1531 (Microsoft Windows Vista overwrites ARP table entries included in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1530 (The LLTD Mapper in Microsoft Windows Vista does not properly gather ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1529 (The LLTD Responder in Microsoft Windows Vista does not send the Mapper ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1528 (The LLTD Mapper in Microsoft Windows Vista allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1527 (The LLTD Mapper in Microsoft Windows Vista does not verify that an IP ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-1526 (Sun Java System Web Server 6.1 before 20070314 allows remote ...) TODO: check CVE-2007-1525 (Direct static code injection vulnerability in postpost.php in Dayfox ...)