djoume-guest at alioth.debian.org
2007-May-25 20:36 UTC
[Secure-testing-commits] r5921 - data/CVE
Author: djoume-guest Date: 2007-05-25 20:36:41 +0000 (Fri, 25 May 2007) New Revision: 5921 Modified: data/CVE/list Log: - sun-java Image parser vulnerabilities - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-25 09:41:46 UTC (rev 5920) +++ data/CVE/list 2007-05-25 20:36:41 UTC (rev 5921) 
@@ -16,55 +16,58 @@ CVE-2007-2794 RESERVED CVE-2007-2793 (PHP remote file inclusion vulnerability in ImageImageMagick.php in ...) - TODO: check + - geeklog <itp> (bug #203818) CVE-2007-2792 (SQL injection vulnerability in index.php in the com_yanc 1.4 beta ...) - TODO: check + NOT-FOR-US: com_yanc + NOTE: com_yanc component not in Mambo Debian package CVE-2007-2791 (Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX ...) - TODO: check + NOT-FOR-US: HP Tru64 CVE-2007-2790 (Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP ...) - TODO: check + NOT-FOR-US: VP-ASP Shopping Cart CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before ...) - TODO: check + - sun-java5 1.5.0-11-1 (medium) + - sun-java6 <unfixed> (bug #422403) CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java ...) - TODO: check + - sun-java5 1.5.0-11-1 (medium) + - sun-java6 <unfixed> (bug #422403) CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1) ...) - TODO: check + NOT-FOR-US: LeadTools Raster Thumbnail Object Library CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote ...) - TODO: check + NOT-FOR-US: ircd-ratbox CVE-2007-2785 (manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to ...) - TODO: check + NOT-FOR-US: eSyndiCat Pro CVE-2007-2784 (Unspecified vulnerability in globus-job-manager in Globus Toolkit ...) - TODO: check + - globus <itp> (bug #142932) CVE-2007-2783 (Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 ...) - TODO: check + NOT-FOR-US: Rational Soft Hidden Administrator CVE-2007-2782 (Packeteer PacketShaper uses fixed increments in TCP initial sequence ...) - TODO: check + NOT-FOR-US: Packeteer PacketShaper CVE-2007-2781 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: WikyBlog CVE-2007-2780 (PsychoStats 3.0.6b and earlier allows remote attackers to obtain ...) 
- TODO: check + NOT-FOR-US: PsychoStats CVE-2007-2779 (PHP remote file inclusion vulnerability in template_csv.php in ...) - TODO: check + NOT-FOR-US: Libstats CVE-2007-2778 (Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 ...) - TODO: check + NOT-FOR-US: MolyX BOARD CVE-2007-2777 (Unrestricted file upload vulnerability in admin/addsptemplate.php in ...) - TODO: check + NOT-FOR-US: AlstraSoft Template Seller Pro CVE-2007-2776 (AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to ...) - TODO: check + NOT-FOR-US: AlstraSoft Template Seller Pro CVE-2007-2775 (AlstraSoft Live Support 1.21 sends a redirect to the web browser but ...) - TODO: check + NOT-FOR-US: AlstraSoft Live Support CVE-2007-2774 (Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 ...) - TODO: check + NOT-FOR-US: SunLight CMS CVE-2007-2773 (SQL injection vulnerability in plugins/mp3playlist/mp3playlist.php in ...) - TODO: check + NOT-FOR-US: Zomplog CVE-2007-2772 ((1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and ...) - TODO: check + NOT-FOR-US: CA BrightStor Backup CVE-2007-2771 (Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG ...) - TODO: check + NOT-FOR-US: LeadTools JPEG 2000 CVE-2007-2770 (Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote ...) - TODO: check + NOT-FOR-US: Eudora CVE-2007-2769 (BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly ...) - TODO: check + NOT-FOR-US: OPeNDAP CVE-2007-2768 (OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, ...) TODO: check CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) ...)
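Review bot: the sun-java6 lines added under CVE-2007-2789 and CVE-2007-2788 carry only `<unfixed> (bug #422403)` with no urgency, while the sun-java5 lines for the same two CVEs are rated (medium). If the same rating applies to sun-java6, record it on those lines too so both packages are triaged consistently while the bug is open. A smaller point on documentation: the log mentions only the sun-java image parser issues and the NFUs, but this hunk also replaces `TODO: check` with `<itp>` entries for geeklog (CVE-2007-2793, bug #203818) and globus (CVE-2007-2784, bug #142932), which would be worth naming in the log message.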