Author: fw Date: 2007-06-16 09:50:54 +0000 (Sat, 16 Jun 2007) New Revision: 6005 Modified: data/CVE/list Log: CVE-2007-3209: mail-notification CVE-2007-3205: php4, php5 CVE-2007-3193: phpwiki CVE-2007-3165: tor fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-06-16 09:23:56 UTC (rev 6004) +++ data/CVE/list 2007-06-16 09:50:54 UTC (rev 6005) @@ -80,7 +80,7 @@ CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens ...) TODO: check CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses ...) - TODO: check + - mail-notification <unfixed> (low; bug #429200) CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 ...) TODO: check CVE-2007-3207 @@ -88,7 +88,8 @@ CVE-2007-3206 RESERVED CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...) - TODO: check + - php4 <unfixed> (low) + - php5 <unfixed> (low) CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...) TODO: check CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...) @@ -112,7 +113,7 @@ CVE-2007-3194 (** DISPUTED ** ...) TODO: check CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...) - TODO: check + - phpwiki <unfixed> (low; bug #429201) CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...) TODO: check CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...) @@ -168,7 +169,7 @@ CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, ...) TODO: check CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry guard is ...) - TODO: check + - tor 0.1.2.14-1 (medium) CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic ...) TODO: check CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...)