Author: fw Date: 2007-06-02 07:41:37 +0000 (Sat, 02 Jun 2007) New Revision: 5965 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-02 07:41:09 UTC (rev 5964) +++ data/CVE/list 2007-06-02 07:41:37 UTC (rev 5965) @@ -216,7 +216,7 @@ - firefox <removed> (medium) - mozilla <removed> (medium) CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...) - TODO: check + NOT-FOR-US: PHPEcho CMS CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...) - phppgadmin <unfixed> (low; bug #427151) CVE-2007-2864 
@@ -224,46 +224,46 @@ CVE-2007-2863 RESERVED CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow ...) - TODO: check + NOT-FOR-US: CubeCart CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple ...) - TODO: check + NOT-FOR-US: SAXON CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote authenticated ...) - TODO: check + NOT-FOR-US: BoastMachine CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 ...) - TODO: check + NOT-FOR-US: SimpGB CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in the ...) - TODO: check + NOT-FOR-US: IP-Tracking Mod for phpBB CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in ABC ...) - TODO: check + NOT-FOR-US: ABC Excel Parser Pro CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP Compression ...) - TODO: check + NOT-FOR-US: Dart Communications PowerTCP CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll ...) - TODO: check + NOT-FOR-US: Dart ZipLite CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in ...) - TODO: check + NOT-FOR-US: BtiTracker CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD ...) - TODO: check + NOT-FOR-US: Virtual CD CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus before ...) - TODO: check + NOT-FOR-US: ESET NOD32 Antivirus CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object Library ...) - TODO: check + NOT-FOR-US: LeadTools CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame Presentation ...) - TODO: check + NOT-FOR-US: Citrix CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open Source) ...) - TODO: check + NOT-FOR-US: KnowledgeTree CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the shComboBox ...) 
- TODO: check + NOT-FOR-US: Sky Software CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in ...) - TODO: check + NOT-FOR-US: HLstats CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus ...) - TODO: check + NOT-FOR-US: Avast CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...) - TODO: check + NOT-FOR-US: Avast CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...) - php5 5.2.2-1 (low) - php4 <unfixed> (low) CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Safari NOTE: Does not seem to work with Konqueror. CVE-2007-2842 RESERVED @@ -286,7 +286,7 @@ CVE-2007-2833 RESERVED CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...) - madwifi-source <unfixed> (high) CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...) 
@@ -294,19 +294,19 @@ CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...) - madwifi-source <unfixed> (medium) CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...) - TODO: check + NOT-FOR-US: AdSense-Deluxe CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...) - TODO: check + NOT-FOR-US: LeadTools CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php in ...) - TODO: check + NOT-FOR-US: Madirish Webmail CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in ...) - TODO: check + NOT-FOR-US: @Mail CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 ...) - TODO: check + NOT-FOR-US: AlstraSoft E-Friends CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow remote ...) - TODO: check + NOT-FOR-US: HT Editor CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...) - TODO: check + NOT-FOR-US: TutorialCMS CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...) - wordpress 2.2-1 (high) CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...)
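Review bot: In the @@ -224,46 hunk, the tag for CVE-2007-2861 reads "NOT-FOR-US: SAXON", but the visible description begins "Multiple PHP remote file inclusion vulnerabilities in Simple ...", so the tag cannot be matched to the product from this file alone, and the bare acronym can be mistaken for the unrelated Saxon XSLT processor. Spell out the product name next to the acronym. The same hunk also mixes vendor-only tags ("Citrix", "Avast", "Sky Software") with product tags ("ESET NOD32 Antivirus", "Dart ZipLite"); picking one convention keeps the list searchable.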
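Review bot: In the @@ -286,7 hunk, CVE-2007-2832 is tagged "NOT-FOR-US: Cisco", which names only the vendor, and the truncated description ("... vulnerability in the web application ...") does not show the product either. Put the affected product in the tag so that a later search of data/CVE/list for that product finds this entry.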
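Review bot: In the @@ -294,19 hunk, CVE-2007-2823 is closed as "NOT-FOR-US: HT Editor" even though the description cites an upstream release ("before 2.0.6"), so the commit should show that the archive was searched for this program, including under a shorter source package name, before it was marked NFU. If it turns out to be packaged, the entry needs a package line with a fixed version or <unfixed>, in the form of the "- wordpress 2.2-1 (high)" line just below it. The log message "NFUs" gives no hint of how the 30-odd entries were checked; a word on the method would help whoever rechecks them.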