joeyh at alioth.debian.org
2007-Jul-13 09:14 UTC
[Secure-testing-commits] r6140 - data/CVE
Author: joeyh Date: 2007-07-13 09:14:07 +0000 (Fri, 13 Jul 2007) New Revision: 6140 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-13 05:55:06 UTC (rev 6139) +++ data/CVE/list 2007-07-13 09:14:07 UTC (rev 6140) @@ -1,3 +1,175 @@ +CVE-2007-3761 + RESERVED +CVE-2007-3760 + RESERVED +CVE-2007-3759 + RESERVED +CVE-2007-3758 + RESERVED +CVE-2007-3757 + RESERVED +CVE-2007-3756 + RESERVED +CVE-2007-3755 + RESERVED +CVE-2007-3754 + RESERVED +CVE-2007-3753 + RESERVED +CVE-2007-3752 + RESERVED +CVE-2007-3751 + RESERVED +CVE-2007-3750 + RESERVED +CVE-2007-3749 + RESERVED +CVE-2007-3748 + RESERVED +CVE-2007-3747 + RESERVED +CVE-2007-3746 + RESERVED +CVE-2007-3745 + RESERVED +CVE-2007-3744 + RESERVED +CVE-2007-3743 + RESERVED +CVE-2007-3742 + RESERVED +CVE-2007-3741 + RESERVED +CVE-2007-3740 + RESERVED +CVE-2007-3739 + RESERVED +CVE-2007-3738 + RESERVED +CVE-2007-3737 + RESERVED +CVE-2007-3736 + RESERVED +CVE-2007-3735 + RESERVED +CVE-2007-3734 + RESERVED +CVE-2007-3733 + RESERVED +CVE-2007-3732 + RESERVED +CVE-2007-3731 + RESERVED +CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...) + TODO: check +CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 5.6 for ...) + TODO: check +CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC Client and ...) + TODO: check +CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7 have ...) + TODO: check +CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in ...) + TODO: check +CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...) + TODO: check +CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...) + TODO: check +CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of ...) + TODO: check +CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...) + TODO: check +CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to ...) + TODO: check +CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...) + TODO: check +CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...) + TODO: check +CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...) + TODO: check +CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...) + TODO: check +CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 ...) + TODO: check +CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 ...) + TODO: check +CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 ...) + TODO: check +CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow ...) + TODO: check +CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ...) + TODO: check +CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...) + TODO: check +CVE-2007-3710 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...) + TODO: check +CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before ...) + TODO: check +CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 ...) + TODO: check +CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 ...) + TODO: check +CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...) + TODO: check +CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...) + TODO: check +CVE-2007-3702 (Directory traversal vulnerability in the load function in ...) + TODO: check +CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...) + TODO: check +CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...) + TODO: check +CVE-2007-3699 + RESERVED +CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...) + TODO: check +CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...) + TODO: check +CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...) + TODO: check +CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...) + TODO: check +CVE-2007-3694 + RESERVED +CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...) + TODO: check +CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...) + TODO: check +CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...) + TODO: check +CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...) + TODO: check +CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...) + TODO: check +CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...) + TODO: check +CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...) + TODO: check +CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...) + TODO: check +CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive ...) + TODO: check +CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...) + TODO: check +CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and ...) + TODO: check +CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier ...) + TODO: check +CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in ...) + TODO: check +CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...) + TODO: check +CVE-2007-3679 + RESERVED +CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...) + TODO: check +CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...) + TODO: check +CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on ...) + TODO: check CVE-2007-3676 RESERVED CVE-2007-3675 @@ -68,7 +240,7 @@ - libarchive <unfixed> (bug #432924; low) CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...) TODO: check -CVE-2007-3642 (The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c ...) +CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...) TODO: check CVE-2007-3641 RESERVED @@ -382,8 +554,8 @@ TODO: check CVE-2007-3510 RESERVED -CVE-2007-3509 - RESERVED +CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...) + TODO: check CVE-2007-3508 (** DISPUTED ** ...) - glibc 2.6-2 (unimportant; bug #431858) NOTE: Not security-relevant @@ -395,7 +567,7 @@ [etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x) CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 ...) NOT-FOR-US: QuickTalk forum -CVE-2007-3504 (Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java ...) +CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in Sun ...) - sun-java5 <not-affected> NOTE: Sun Alert ID 102957 says issue is Windows only CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML ...) @@ -502,10 +674,10 @@ NOT-FOR-US: Civitech Avax Vector CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...) NOT-FOR-US: Sun Solaris libsldap -CVE-2007-3457 - RESERVED -CVE-2007-3456 - RESERVED +CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP ...) + TODO: check +CVE-2007-3456 (Unspecified vulnerability in Adobe Flash Player 9.0.45.0 and earlier ...) + TODO: check CVE-2006-7214 (Multiple unspecified vulnerabilities in Firebird 1.5 allow remote ...) - firebird1.5 <unfixed> (bug filed) - firebird2 <removed> @@ -4412,7 +4584,7 @@ TODO: check CVE-2007-1755 RESERVED -CVE-2007-1754 (Microsoft Office Publisher 2007 does not properly clear memory when ...) +CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...) TODO: check CVE-2007-1753 RESERVED @@ -12760,14 +12932,14 @@ - snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor) CVE-2006-5275 RESERVED -CVE-2006-5274 - RESERVED -CVE-2006-5273 - RESERVED -CVE-2006-5272 - RESERVED -CVE-2006-5271 - RESERVED +CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...) + TODO: check +CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...) + TODO: check +CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...) + TODO: check +CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...) + TODO: check CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...) NOT-FOR-US: Microsoft CVE-2006-5269 @@ -27940,7 +28112,8 @@ REJECTED CVE-2005-3562 REJECTED -CVE-2005-3561 ( ...) +CVE-2005-3561 + REJECTED NOT-FOR-US: ATutor CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...) NOT-FOR-US: Zone Labs