Secure testing commits - May 2007 - r5777 - data/CVE

Author: fw
Date: 2007-05-04 16:07:04 +0000 (Fri, 04 May 2007)
New Revision: 5777

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-2459: libimager-perl


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-05-03 21:14:33 UTC (rev 5776)
+++ data/CVE/list	2007-05-04 16:07:04 UTC (rev 5777)
@@ -1,45 +1,46 @@
 CVE-2007-2479 (Cerulean Studios Trillian Pro before 3.1.5.1 allows remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: Cerulean Trillian
 CVE-2007-2478 (Multiple heap-based buffer overflows in the IRC component in
Cerulean ...)
-	TODO: check
+	NOT-FOR-US: Cerulean Trillian
 CVE-2007-2477 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: phpMyChat
 CVE-2007-2476 (Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1
before ...)
-	TODO: check
+	NOT-FOR-US: Novell
 CVE-2007-2475 (Unspecified vulnerability in the ADSCHEMA utility in Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell
 CVE-2007-2474 (Multiple PHP remote file inclusion vulnerabilities in Turnkey
Web ...)
-	TODO: check
+	NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart
 CVE-2007-2473 (SQL injection vulnerability in stylesheet.php in CMS Made Simple
1.0.5 ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2007-2472 (Cross-site scripting (XSS) vulnerability in sendcard.php in
Sendcard ...)
-	TODO: check
+	NOT-FOR-US: Sendcard
 CVE-2007-2471 (Directory traversal vulnerability in sendcard.php in Sendcard
3.4.1 ...)
-	TODO: check
+	NOT-FOR-US: Sendcard
 CVE-2007-2470 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
-	TODO: check
+	NOT-FOR-US: FileRun
 CVE-2007-2469 (SQL injection vulnerability in index.php in FileRun 1.0 and
earlier ...)
-	TODO: check
+	NOT-FOR-US: FileRun
 CVE-2007-2468 (Unspecified vulnerability in HP OpenVMS for Integrity Servers
8.2-1 ...)
-	TODO: check
+	NOT-FOR-US: HP OpenVMS
 CVE-2007-2467 (ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier
versions ...)
-	TODO: check
+	NOT-FOR-US: Check Point Zone Labs ZoneAlarm Internet Security Suite
 CVE-2007-2466 (Unspecified vulnerability in the LDAP Software Development Kit
(SDK) ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Directory Server
 CVE-2007-2465 (Unspecified vulnerability in Sun Solaris 9, when Solaris
Auditing ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2007-2464 (Race condition in Cisco Adaptive Security Appliance (ASA) and
PIX 7.1 ...)
-	TODO: check
+	NOT-FOR-US: CIsco
 CVE-2007-2463 (Unspecified vulnerability in Cisco Adaptive Security Appliance
(ASA) ...)
-	TODO: check
+	NOT-FOR-US: CIsco
 CVE-2007-2462 (Unspecified vulnerability in Cisco Adaptive Security Appliance
(ASA) ...)
-	TODO: check
+	NOT-FOR-US: CIsco
 CVE-2007-2461 (The DHCP relay agent in Cisco Adaptive Security Appliance (ASA)
and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-2460 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2007-2459 (Buffer overflow in the read_4bit_bmp function in bmp.c in Imager
0.56 ...)
-	TODO: check
+	- libimager-perl <unfixed> (medium; bug #421582)
+	NOTE: http://rt.cpan.org/Ticket/Display.html?id=26811
 CVE-2007-2458 (Multiple PHP remote file inclusion vulnerabilities in Pixaria
Gallery ...)
 	TODO: check
 CVE-2007-2457 (PHP remote file inclusion vulnerability in ...)