Author: joeyh
Date: 2007-04-27 21:14:15 +0000 (Fri, 27 Apr 2007)
New Revision: 5746

Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
==================================================================--- data/CVE/list 2007-04-27 19:10:58 UTC (rev 5745) +++ data/CVE/list 2007-04-27 21:14:15 UTC (rev 5746)
@@ -1,3 +1,145 @@ +CVE-2007-2331 (PHP remote file inclusion vulnerability in cart.php in Shop-Script 2.0 ...) + TODO: check +CVE-2007-2330 (PHP remote file inclusion vulnerability in includes_handler.php in ...) + TODO: check +CVE-2007-2329 (PHP remote file inclusion vulnerability in searchbot.php in ...) + TODO: check +CVE-2007-2328 (PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b ...) + TODO: check +CVE-2007-2327 (PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox ...) + TODO: check +CVE-2007-2326 (Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro ...) + TODO: check +CVE-2007-2325 (PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) ...) + TODO: check +CVE-2007-2324 (Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows ...) + TODO: check +CVE-2007-2323 (Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo ...) + TODO: check +CVE-2007-2322 (NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows ...) + TODO: check +CVE-2007-2321 (Unspecified vulnerability in the search functionality in SilverStripe ...) + TODO: check +CVE-2007-2320 (SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier ...) + TODO: check +CVE-2007-2319 (PHP remote file inclusion vulnerability in the AutoStand 1.1 and ...) + TODO: check +CVE-2007-2318 (Multiple format string vulnerabilities in FileZilla before 2.2.32 ...) + TODO: check +CVE-2007-2317 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...) + TODO: check +CVE-2007-2316 (Unspecified vulnerability in the admin script in Open Business ...) + TODO: check +CVE-2007-2315 (MiniShare 1.5.4, and possibly earlier, allows remote attackers to ...) + TODO: check +CVE-2007-2314 (Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly ...) + TODO: check +CVE-2007-2313 (PHP remote file inclusion vulnerability in getinfo1.php in the ...) 
+ TODO: check +CVE-2007-2312 (Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 ...) + TODO: check +CVE-2007-2311 (** DISPUTED ** ...) + TODO: check +CVE-2007-2310 (Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php ...) + TODO: check +CVE-2007-2309 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 ...) + TODO: check +CVE-2007-2308 (Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 ...) + TODO: check +CVE-2007-2307 (PHP remote file inclusion vulnerability in engine/engine.inc.php in ...) + TODO: check +CVE-2007-2306 (Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War ...) + TODO: check +CVE-2007-2305 (Multiple SQL injection vulnerabilities in authenticate.php in Quick ...) + TODO: check +CVE-2007-2304 (Multiple directory traversal vulnerabilities in Quick and Dirty Blog ...) + TODO: check +CVE-2007-2303 (Directory traversal vulnerability in includes/footer.php in News ...) + TODO: check +CVE-2007-2302 (PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 ...) + TODO: check +CVE-2007-2301 (Multiple PHP remote file inclusion vulnerabilities in audioCMS arash ...) + TODO: check +CVE-2007-2300 (Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto ...) + TODO: check +CVE-2007-2299 (Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier ...) + TODO: check +CVE-2007-2298 (Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 ...) + TODO: check +CVE-2007-2297 (The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...) + TODO: check +CVE-2007-2296 (Integer overflow in the FlipFileTypeAtom_BtoN function in Apple ...) + TODO: check +CVE-2007-2295 (Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple ...) + TODO: check +CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...) 
+ TODO: check +CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in ...) + TODO: check +CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication in Mozilla ...) + TODO: check +CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication in Microsoft ...) + TODO: check +CVE-2007-2290 (Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and ...) + TODO: check +CVE-2007-2289 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2007-2288 (PHP remote file inclusion vulnerability in info.php in Doruk100.net ...) + TODO: check +CVE-2007-2287 (PHP remote file inclusion vulnerability in accept.php in comus 2.0 ...) + TODO: check +CVE-2007-2286 (PHP remote file inclusion vulnerability in config.php in Built2Go PHP ...) + TODO: check +CVE-2007-2285 (Directory traversal vulnerability in examples/layout/feed-proxy.php in ...) + TODO: check +CVE-2007-2284 (Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote ...) + TODO: check +CVE-2007-2283 (Buffer overflow in Fresh View 7.15 allows user-assisted remote ...) + TODO: check +CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before ...) + TODO: check +CVE-2007-2281 + RESERVED +CVE-2007-2280 + RESERVED +CVE-2007-2279 + RESERVED +CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...) + TODO: check +CVE-2007-2277 (Session fixation vulnerability in Plogger allows remote attackers to ...) + TODO: check +CVE-2007-2276 (3Com TippingPoint IPS allows remote attackers to cause a denial of ...) + TODO: check +CVE-2007-2275 (Unspecified vulnerability in HP StorageWorks Command View Advanced ...) + TODO: check +CVE-2007-2274 (The BitTorrent implementation in Opera 9.2 allows remote attackers to ...) + TODO: check +CVE-2007-2273 (PHP remote file inclusion vulnerability in include/loading.php in ...) + TODO: check +CVE-2007-2272 (PHP remote file inclusion vulnerability in ...) 
+ TODO: check +CVE-2007-2271 (Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS ...) + TODO: check +CVE-2007-2270 (The Linksys SPA941 VoIP Phone allows remote attackers to cause a ...) + TODO: check +CVE-2007-2269 (Directory traversal vulnerability in top.php3 in SWsoft Plesk for ...) + TODO: check +CVE-2007-2268 (Multiple directory traversal vulnerabilities in SWsoft Plesk for ...) + TODO: check +CVE-2007-2267 (Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 ...) + TODO: check +CVE-2007-2266 (Progress Webspeed Messenger allows remote attackers to read, create, ...) + TODO: check +CVE-2007-2265 (Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows ...) + TODO: check +CVE-2007-2264 + RESERVED +CVE-2007-2263 + RESERVED +CVE-2006-7197 (The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for ...) + TODO: check +CVE-2005-4838 (Multiple cross-site scripting (XSS) vulnerabilities in the example web ...) + TODO: check CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in ...) TODO: check CVE-2007-2261 (PHP remote file inclusion vulnerability in ...) @@ -108,7 +250,7 @@ TODO: check CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar ...) TODO: check -CVE-2007-2209 (Buffer overflow in Corel Paint Shop Pro Photo 11.20 allows ...) +CVE-2007-2209 (Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ...) TODO: check CVE-2007-2208 (Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 ...) TODO: check 
@@ -176,7 +318,7 @@ NOT-FOR-US: Microgaming Download Helper CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote attackers ...) TODO: check -CVE-2007-2175 (Unspecified vulnerability in Apple Safari allows remote attackers to ...) +CVE-2007-2175 (Unspecified vulnerability in Apple QuickTime, as used in Safari and ...) TODO: check CVE-2007-2174 (The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal ...) TODO: check @@ -248,8 +390,8 @@ TODO: check CVE-2007-2140 (PHP remote file inclusion vulnerability in everything.php in Franklin ...) TODO: check -CVE-2007-2139 - RESERVED +CVE-2007-2139 (Multiple stack-based buffer overflows in the SUN RPC service in CA ...) + TODO: check CVE-2007-2137 (Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express ...) TODO: check CVE-2007-2136 (Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol ...) @@ -1272,8 +1414,8 @@ RESERVED CVE-2007-1684 (The Run function in SolidWorks sldimdownload ActiveX control in ...) NOT-FOR-US: sldimdownload ActiveX control -CVE-2007-1683 - RESERVED +CVE-2007-1683 (Stack-based buffer overflow in the DoWebMenuAction function in the ...) + TODO: check CVE-2007-1682 RESERVED CVE-2007-1681 (Format string vulnerability in libwebconsole_services.so in Sun Java ...) @@ -5018,7 +5160,7 @@ NOT-FOR-US: Ezboxx Portal CVE-2007-0265 (Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal ...) NOT-FOR-US: Ezboxx Portal -CVE-2007-0264 (Buffer overflow in Winzip32.exe in WinZip 9.0 SR-1 allows local users ...) +CVE-2007-0264 (Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to ...) NOT-FOR-US: Winzip CVE-2007-0263 (Unspecified vulnerability in Total Commander before 6.5.6 allows ...) NOT-FOR-US: Total Commander
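
Review bot: in the first hunk (@@ -1,3 +1,145 @@) every described entry arrives with the same "TODO: check", so the few that name widely deployed software, such as CVE-2007-2297 and CVE-2007-2294 (Asterisk), CVE-2007-2292 (Digest Authentication in Mozilla ...), CVE-2007-2318 (FileZilla) and CVE-2006-7197 (AJP connector in Apache Tomcat), are not distinguishable from the dozens of PHP web-application entries around them. Suggest triaging those first rather than working the list top to bottom. Two further points in the same hunk: CVE-2007-2311 is added as "(** DISPUTED ** ...)" with no product text at all, and CVE-2007-2309 and CVE-2007-2308 carry identical truncated descriptions (cas.php in FloweRS 2.0), so none of the three can be classified from this file alone and each needs the full CVE text before its TODO is resolved.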
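
Review bot: the description change for CVE-2007-2209 in the hunk at @@ -108,7 +250,7 @@ moves the flaw from an application (Corel Paint Shop Pro Photo 11.20) to a library (igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ...), which widens what has to be checked. The entry is still "TODO: check", so nothing is misclassified yet, but whoever resolves it should work from the new text and the full list of products that ship the library, since the line here is cut off after "AccuSoft".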
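
Review bot: the last hunk (@@ -5018,7 +5160,7 @@) rewrites the description of CVE-2007-0264 underneath an entry that already has a triage decision, "NOT-FOR-US: Winzip", and nothing in the automatic update marks that entry for a second look. Here the decision still holds, because the change is only "WinZip 9.0 SR-1" to "WinZip 9.0" and the product is unchanged. Suggest that description changes on entries that are no longer "TODO: check" or "RESERVED" be reported separately from new entries, so that a change of product or component under an existing NOT-FOR-US line is reviewed by a person rather than carried silently.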