Author: fw Date: 2007-05-26 09:46:45 +0000 (Sat, 26 May 2007) New Revision: 5929 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-26 09:37:41 UTC (rev 5928) +++ data/CVE/list 2007-05-26 09:46:45 UTC (rev 5929) @@ -74,60 +74,60 @@ CVE-2007-2768 (OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, ...) TODO: check CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) ...) - TODO: check + NOT-FOR-US: OPeNDAP CVE-2007-2766 (Backup Manager before 0.7.6 provides the MySQL password as a plaintext ...) - backup-manager <unfixed> (low) [sarge] - backup-manager <no-dsa> (Minor issue) [etch] - backup-manager <no-dsa> (Minor issue) CVE-2007-2765 (blockhosts.py in BlockHosts before 2.0.3 does not properly parse ...) - TODO: check + NOT-FOR-US: BlockHosts CVE-2007-2764 (The embedded Linux kernel in certain Sun-Brocade SilkWorm switches ...) NOT-FOR-US: Sun switches CVE-2007-2763 (Buffer overflow in the UnlockSupport function in the LockModules ...) - TODO: check + NOT-FOR-US: Sienzo Digital Music Mentor ActiveX control CVE-2007-2762 (Multiple PHP remote file inclusion vulnerabilities in Build it Fast ...) - TODO: check + NOT-FOR-US: Build it Fast CVE-2007-2761 (Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier ...) - TODO: check + NOT-FOR-US: MagicISO CVE-2007-2760 (The canUpdate function in model/MRole.java in Adempiere before 3.1.6 ...) - TODO: check + NOT-FOR-US: Adempiere CVE-2007-2759 (Multiple SQL injection vulnerabilities in the insert function in the ...) - TODO: check + NOT-FOR-US: Adempiere CVE-2007-2758 (Multiple buffer overflows in WinImage 8.0.8000 allow user-assisted ...) - TODO: check + NOT-FOR-US: WinImage CVE-2007-2757 (Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 ...) - TODO: check + NOT-FOR-US: Redoable CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted ...) TODO: check CVE-2007-2755 (The PrecisionID Barcode 1.9 ActiveX control in ...) - TODO: check + NOT-FOR-US: PrecisionID CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and ...) - freetype 2.2.1-6 (bug #425625) CVE-2007-2753 (RunawaySoft Haber portal 1.0 stores sensitive information under the ...) - TODO: check + NOT-FOR-US: RunawaySoft CVE-2007-2752 (SQL injection vulnerability in devami.asp in RunawaySoft Haber portal ...) - TODO: check + NOT-FOR-US: RunawaySoft CVE-2007-2751 (Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 ...) - TODO: check + NOT-FOR-US: PHPGlossar CVE-2007-2750 (SQL injection vulnerability in print.php in SimpNews 2.40.01 and ...) - TODO: check + NOT-FOR-US: SimpNews CVE-2007-2749 (SQL injection vulnerability in question.php in FAQEngine 4.16.03 and ...) - TODO: check + NOT-FOR-US: FAQEngine CVE-2007-2748 (The substr_count function in PHP 5.2.1 and earlier allows ...) - php5 5.2.0-11 - php4 <unfixed> CVE-2007-2747 (Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before ...) - TODO: check + NOT-FOR-US: rdiffWeb CVE-2007-2746 (The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain ...) - TODO: check + NOT-FOR-US: Plain Black WebGUI CVE-2007-2745 (Cross-site scripting (XSS) vulnerability in printcal.pl in vDesk ...) - TODO: check + NOT-FOR-US: vDesk CVE-2007-2744 (Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX ...) - TODO: check + NOT-FOR-US: PrecisionID CVE-2007-2743 (PHP remote file inclusion vulnerability in custom_vars.php in ...) - TODO: check + NOT-FOR-US: GlossWord CVE-2007-2742 (Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 ...) - TODO: check + NOT-FOR-US: w2box CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lmcs) before 1.15 allows ...) TODO: check CVE-2007-2740 (Unspecified vulnerability in xajax before 0.2.5 has unknown impact and ...)