stef-guest at alioth.debian.org
2007-Jul-31 20:07 UTC
[Secure-testing-commits] r6200 - data/CVE
Author: stef-guest Date: 2007-07-31 20:07:36 +0000 (Tue, 31 Jul 2007) New Revision: 6200 Modified: data/CVE/list Log: nessus not-affected apache issue unimportant NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-31 19:50:33 UTC (rev 6199) +++ data/CVE/list 2007-07-31 20:07:36 UTC (rev 6200) @@ -85,19 +85,19 @@ CVE-2007-4074 (The default configuration of Centre for Speech Technology Research ...) - festival <unfixed> (bug #435445; low) CVE-2007-4073 (Webbler CMS before 3.1.6 does not properly restrict use of "mail a ...) - TODO: check + NOT-FOR-US: Webbler CMS CVE-2007-4072 (Webbler CMS before 3.1.6 provides the full installation path within ...) - TODO: check + NOT-FOR-US: Webbler CMS CVE-2007-4071 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: Webbler CMS CVE-2007-4070 (Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun ...) TODO: check CVE-2007-4069 (SQL injection vulnerability in show_cat.php in IndexScript 2.8 and ...) - TODO: check + NOT-FOR-US: IndexScript CVE-2007-4068 (Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote ...) - TODO: check + NOT-FOR-US: Webyapar CVE-2007-4067 (Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ...) - TODO: check + NOT-FOR-US: Clever Internet ActiveX Suite CVE-2007-4066 RESERVED CVE-2007-4065 
@@ -110,33 +110,34 @@ - drupal5 5.2-1 (low) NOTE: DRUPAL-SA-2007-017 CVE-2007-4062 (The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus ...) - TODO: check + - nessus <not-affected> (Windows only) CVE-2007-4061 (Directory traversal vulnerability in a certain ActiveX control in ...) - TODO: check + - nessus <not-affected> (Windows only) CVE-2007-4060 (Multiple buffer overflows in the HttpSprockMake function in http.c in ...) - TODO: check + NOT-FOR-US: corehttp CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in ...) - TODO: check + NOT-FOR-US: EMC VMware CVE-2007-4058 (Absolute path traversal vulnerability in a certain ActiveX control in ...) - TODO: check + NOT-FOR-US: EMC VMware CVE-2007-4057 (Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio ...) - TODO: check + NOT-FOR-US: Neocrome Seditio CVE-2007-4056 (SQL injection vulnerability in directory.php in Adult Directory allows ...) - TODO: check + NOT-FOR-US: Adult Directory CVE-2007-4055 (SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 ...) - TODO: check + NOT-FOR-US: SimpleBlog CVE-2007-4054 (SQL injection vulnerability in category.php in PHP123 Top Sites allows ...) - TODO: check + NOT-FOR-US: PHP123 Top Sites CVE-2007-4053 (SQL injection vulnerability in include/img_view.class.php in LinPHA ...) - TODO: check + NOT-FOR-US: LinPHA CVE-2007-4052 (Cross-site scripting (XSS) vulnerability in utilities/login.asp in ...) - TODO: check + NOT-FOR-US: nukedit CVE-2007-4051 (Heap-based buffer overflow in the FindFiles function in UltraDefrag ...) - TODO: check + NOT-FOR-US: UltraDefrag CVE-2007-4050 (Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta ...) - TODO: check + NOT-FOR-US: ADempiere Bazaar CVE-2007-4049 (Cross-site scripting (XSS) vulnerability in the printenv.pl test CGI ...) 
- TODO: check + - apache <unfixed> (unimportant) + NOTE: only an example script /usr/share/doc/apache-common/examples/ CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo ...) TODO: check CVE-2007-4047 (geoBlog (aka BitDamaged) 1 does not require authentication for (1) ...)
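Review bot: In the first hunk (@@ -85,19 +85,19 @@), CVE-2007-4071 is tagged NOT-FOR-US: Webbler CMS, but its visible description stops at "Multiple cross-site scripting (XSS) vulnerabilities in ..." and never names the product, so the tag cannot be confirmed from the list entry alone. Check it against the full CVE text before relying on the adjacency to CVE-2007-4073 and CVE-2007-4072, since a wrong NOT-FOR-US removes the issue from further tracking. In the same hunk CVE-2007-4070 (lbxproxy) stays at TODO: check; if it was looked at in this pass, a short NOTE on why it is still open would save the next person from repeating the work.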
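Review bot: In the second hunk (@@ -110,33 +110,34 @@), the new CVE-2007-4049 entry records only "- apache <unfixed> (unimportant)", and its NOTE gives the directory /usr/share/doc/apache-common/examples/ without naming the file. Suggest naming printenv.pl in the NOTE to match the description, and stating whether any other Apache source package in the archive ships the same test CGI, either with its own entry or with a NOTE saying it does not, so the "unimportant" rating is clearly scoped to an example script that is not enabled by being installed under /usr/share/doc. The two "NOT-FOR-US: EMC VMware" tags (CVE-2007-4059, CVE-2007-4058) rest on descriptions truncated at "a certain ActiveX control in ..."; worth confirming against the full text as well.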