Author: fw Date: 2007-05-01 11:04:07 +0000 (Tue, 01 May 2007) New Revision: 5757 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-01 10:18:48 UTC (rev 5756) +++ data/CVE/list 2007-05-01 11:04:07 UTC (rev 5757) @@ -27,17 +27,17 @@ CVE-2007-2318 (Multiple format string vulnerabilities in FileZilla before 2.2.32 ...) TODO: check CVE-2007-2317 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...) - TODO: check + NOT-FOR-US: MiniBB CVE-2007-2316 (Unspecified vulnerability in the admin script in Open Business ...) TODO: check CVE-2007-2315 (MiniShare 1.5.4, and possibly earlier, allows remote attackers to ...) TODO: check CVE-2007-2314 (Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly ...) - TODO: check + NOT-FOR-US: Crea-Book CVE-2007-2313 (PHP remote file inclusion vulnerability in getinfo1.php in the ...) TODO: check CVE-2007-2312 (Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 ...) - TODO: check + NOT-FOR-US: Virtual War (VWar) CVE-2007-2311 (** DISPUTED ** ...) TODO: check CVE-2007-2310 (Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php ...) @@ -49,13 +49,13 @@ CVE-2007-2307 (PHP remote file inclusion vulnerability in engine/engine.inc.php in ...) TODO: check CVE-2007-2306 (Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War ...) - TODO: check + NOT-FOR-US: Virtual War (VWar) CVE-2007-2305 (Multiple SQL injection vulnerabilities in authenticate.php in Quick ...) TODO: check CVE-2007-2304 (Multiple directory traversal vulnerabilities in Quick and Dirty Blog ...) TODO: check CVE-2007-2303 (Directory traversal vulnerability in includes/footer.php in News ...) - TODO: check + NOT-FOR-US: NMDeluxe CVE-2007-2302 (PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 ...) TODO: check CVE-2007-2301 (Multiple PHP remote file inclusion vulnerabilities in audioCMS arash ...) @@ -63,15 +63,15 @@ CVE-2007-2300 (Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto ...) TODO: check CVE-2007-2299 (Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier ...) - TODO: check + NOT-FOR-US: CMS Frogss CVE-2007-2298 (Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 ...) TODO: check CVE-2007-2297 (The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...) TODO: check CVE-2007-2296 (Integer overflow in the FlipFileTypeAtom_BtoN function in Apple ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-2295 (Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple ...) - TODO: check + NOT-FOR-US: Apple QuickTime CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...) TODO: check CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in ...) @@ -79,25 +79,25 @@ CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication in Mozilla ...) TODO: check CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication in Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2007-2290 (Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and ...) TODO: check CVE-2007-2289 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Download-Engine CVE-2007-2288 (PHP remote file inclusion vulnerability in info.php in Doruk100.net ...) TODO: check CVE-2007-2287 (PHP remote file inclusion vulnerability in accept.php in comus 2.0 ...) TODO: check CVE-2007-2286 (PHP remote file inclusion vulnerability in config.php in Built2Go PHP ...) - TODO: check + NOT-FOR-US: Built2Go CVE-2007-2285 (Directory traversal vulnerability in examples/layout/feed-proxy.php in ...) TODO: check CVE-2007-2284 (Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote ...) - TODO: check + NOT-FOR-US: ABC-View Manager CVE-2007-2283 (Buffer overflow in Fresh View 7.15 allows user-assisted remote ...) - TODO: check + NOT-FOR-US: Fresh View CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-2281 RESERVED CVE-2007-2280 @@ -105,31 +105,31 @@ CVE-2007-2279 RESERVED CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...) - TODO: check + NOT-FOR-US: DCP-Portal CVE-2007-2277 (Session fixation vulnerability in Plogger allows remote attackers to ...) - TODO: check + NOT-FOR-US: Plogger CVE-2007-2276 (3Com TippingPoint IPS allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: TippingPoint IPS CVE-2007-2275 (Unspecified vulnerability in HP StorageWorks Command View Advanced ...) - TODO: check + NOT-FOR-US: HP StorageWorks CVE-2007-2274 (The BitTorrent implementation in Opera 9.2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Opera CVE-2007-2273 (PHP remote file inclusion vulnerability in include/loading.php in ...) TODO: check CVE-2007-2272 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Advanced Webhost Billing System CVE-2007-2271 (Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS ...) TODO: check CVE-2007-2270 (The Linksys SPA941 VoIP Phone allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Linksys CVE-2007-2269 (Directory traversal vulnerability in top.php3 in SWsoft Plesk for ...) - TODO: check + NOT-FOR-US: Plesk CVE-2007-2268 (Multiple directory traversal vulnerabilities in SWsoft Plesk for ...) - TODO: check + NOT-FOR-US: Plesk CVE-2007-2267 (Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 ...) - TODO: check + NOT-FOR-US: Sun Cluster CVE-2007-2266 (Progress Webspeed Messenger allows remote attackers to read, create, ...) - TODO: check + NOT-FOR-US: Progress Webspeed Messenger CVE-2007-2265 (Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows ...) TODO: check CVE-2007-2264 @@ -143,7 +143,7 @@ CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in ...) TODO: check CVE-2007-2261 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: C-Arbre CVE-2007-2260 (Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta ...) TODO: check CVE-2007-2259 (SQL injection vulnerability in forum.php in EsForum 3.0 allows remote ...) @@ -155,25 +155,25 @@ CVE-2007-2256 (Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 ...) TODO: check CVE-2007-2255 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...) - TODO: check + NOT-FOR-US: Download-Engine CVE-2007-2254 (PHP remote file inclusion vulnerability in admin/setup/level2.php in ...) - TODO: check + NOT-FOR-US: PHP Classifieds CVE-2007-2253 (Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2007-2252 (Directory traversal vulnerability in iconspopup.php in Exponent CMS ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2007-2251 (Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and ...) - TODO: check + NOT-FOR-US: Xaraya CVE-2007-2250 (admin.php in Phorum before 5.1.22 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Phorum CVE-2007-2249 (include/controlcenter/users.php in Phorum before 5.1.22 allows remote ...) - TODO: check + NOT-FOR-US: Phorum CVE-2007-2248 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...) - TODO: check + NOT-FOR-US: Phorum CVE-2007-2247 (SQL injection vulnerability in modules/news/article.php in phpMySpace ...) TODO: check CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running ...) - TODO: check + NOT-FOR-US: HP-UX CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) TODO: check CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow ...) @@ -197,11 +197,11 @@ CVE-2007-2237 RESERVED CVE-2007-2236 (footer.php in PunBB 1.2.14 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: PunBB CVE-2007-2235 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 ...) - TODO: check + NOT-FOR-US: PunBB CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly ...) - TODO: check + NOT-FOR-US: PunBB CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote ...) NOT-FOR-US: CoSign CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote attackers ...) @@ -244,9 +244,9 @@ CVE-2007-2214 (Unrestricted file upload vulnerability in includes/upload_file.php in ...) TODO: check CVE-2007-2213 (Unspecified vulnerability in the Initialize function in ...) - TODO: check + NOT-FOR-US: WS_FTP CVE-2007-2212 (Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka ...) - TODO: check + NOT-FOR-US: MyBB (aka MyBulletinBoard) CVE-2007-2211 (SQL injection vulnerability in calendar.php in MyBB (aka ...) TODO: check CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar ...)