stef-guest at alioth.debian.org
2007-Aug-02 19:10 UTC
[Secure-testing-commits] r6215 - data/CVE
Author: stef-guest Date: 2007-08-02 19:10:40 +0000 (Thu, 02 Aug 2007) New Revision: 6215 Modified: data/CVE/list Log: new: teamspeak-server, bandersnatch, zoph already fixed: sun-java[56] NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-02 18:21:36 UTC (rev 6214) +++ data/CVE/list 2007-08-02 19:10:40 UTC (rev 6215) @@ -1,3 +1,5 @@ +CVE-2007-XXXX [teamspeak-server arbitrary file disclosure] + - teamspeak-server <unfixed> (bug #435707; medium) CVE-2007-XXXX [tor insufficient authentication on control port] - tor 0.1.2.16-1 CVE-2007-4116 (SQL injection vulnerability in philboard_forum.asp in Metyus Forum ...) @@ -333,7 +335,7 @@ CVE-2007-3957 (Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote ...) NOT-FOR-US: Nipun Jain xserver CVE-2007-3956 (TeamSpeak WebServer 2.0 for Windows does not validate parameter value ...) - TODO: check + - teamspeak-server <unfixed> (bug #435707) CVE-2007-3955 (Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in ...) NOT-FOR-US: LinkedIn Toolbar CVE-2007-3954 (Argument injection vulnerability in Microsoft Internet Explorer, when ...) 
@@ -381,27 +383,29 @@ CVE-2007-3933 (SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and ...) NOT-FOR-US: QuickEStore CVE-2007-3932 (uploadimg.php in the Expose RC35 and earlier (com_expose) component ...) - TODO: check + NOT-FOR-US: Expose RC35 for Joomla CVE-2007-3931 (The wrap_setuid_third_party_application function in the installation ...) - TODO: check + NOT-FOR-US: Samsung SCX-4200 Driver installation script CVE-2007-3930 (Interpretation conflict between Microsoft Internet Explorer and ...) NOT-FOR-US: Microsoft CVE-2007-3929 (Use-after-free vulnerability in the BitTorrent support in Opera before ...) - TODO: check + NOT-FOR-US: Opera CVE-2007-3928 (Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote ...) - TODO: check + NOT-FOR-US: Yahoo! Messenger CVE-2007-3927 (Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 ...) NOT-FOR-US: Ipswitch IMail Server CVE-2007-3926 (Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to ...) NOT-FOR-US: Ipswitch IMail Server CVE-2007-3925 (Multiple buffer overflows in the IMAP service (imapd32.exe) in ...) - TODO: check + NOT-FOR-US: Ipswitch IMail Server CVE-2007-3924 (Argument injection vulnerability in Microsoft Internet Explorer, when ...) NOT-FOR-US: Microsoft CVE-2007-3923 (The Common Internet File System (CIFS) optimization in Cisco Wide Area ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE) Applet ...) - TODO: check + - sun-java5 1.5.0-12-2 + [etch] - sun-java5 <no-dsa> (non-free not supported) + - sun-java6 6-02-1 CVE-2007-3921 RESERVED CVE-2007-3920 
@@ -423,19 +427,19 @@ CVE-2007-3912 RESERVED CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka ...) - TODO: check + NOT-FOR-US: BakBone NetVault Reporter CVE-2007-3910 (Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows ...) - TODO: check + - bandersnatch <unfixed> (low; bug #435709) CVE-2007-3909 (Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow ...) - TODO: check + - bandersnatch <unfixed> (low; bug #435709) CVE-2007-3908 (Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat ...) - TODO: check + NOT-FOR-US: HP ServiceGuard CVE-2007-3907 (Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 ...) - TODO: check + NOT-FOR-US: LedgerSMB CVE-2007-3906 (Unspecified vulnerability in Kaspersky Anti-Virus for Check Point ...) NOT-FOR-US: Kaspersky Anti-Virus CVE-2007-3905 (SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote ...) - TODO: check + - zoph <unfixed> (bug filed) CVE-2007-3904 RESERVED CVE-2007-3903 
@@ -467,23 +471,23 @@ CVE-2007-3890 RESERVED CVE-2007-3889 (Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and ...) - TODO: check + NOT-FOR-US: Insanely Simple Blog CVE-2007-3888 (Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple ...) - TODO: check + NOT-FOR-US: Insanely Simple Blog CVE-2007-3887 (Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp ...) - TODO: check + NOT-FOR-US: ASP Ziyaretci Defteri CVE-2007-3886 (Cross-site scripting (XSS) vulnerability in default.asp in Element CMS ...) - TODO: check + NOT-FOR-US: Element CMS CVE-2007-3885 (Cross-site scripting (XSS) vulnerability in philboard_search.asp in ...) - TODO: check + NOT-FOR-US: husrevforum CVE-2007-3884 (SQL injection vulnerability in philboard_forum.asp in husrevforum ...) - TODO: check + NOT-FOR-US: husrevforum CVE-2007-3883 (The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.1 and ...) - TODO: check + NOT-FOR-US: Data Dynamics ActiveBar ActiveX control CVE-2007-3882 (SQL injection vulnerability in index.php in Expert Advisor allows ...) - TODO: check + NOT-FOR-US: Expert Advisor CVE-2007-3881 (SQL injection vulnerability in index.php in Pictures Rating (Picture ...) - TODO: check + NOT-FOR-US: Pictures Rating CVE-2007-3880 RESERVED CVE-2007-3879 @@ -495,7 +499,7 @@ CVE-2007-3876 RESERVED CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) ...) - TODO: check + NOT-FOR-US: CA Anti-Virus CVE-2007-3874 RESERVED CVE-2007-3873 
@@ -510,41 +514,41 @@ - dokuwiki 0.0.20070626b-1 (unimportant; bug #434134) NOTE: IE browser bug are not treated as security issues in packages applications CVE-2007-3870 (Multiple unspecified vulnerabilities in the Human Capital Management ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3869 (Multiple unspecified vulnerabilities in the Customer Relationship ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3868 (Multiple unspecified vulnerabilities in PeopleTools in Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3867 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3866 (Multiple unspecified vulnerabilities in Oracle E-Business Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3865 (Unspecified vulnerability in the Oracle Customer Intelligence ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3864 (Multiple unspecified vulnerabilities in Oracle Collaboration Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3863 (Unspecified vulnerability in Oracle JDeveloper for Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3862 (Unspecified vulnerability in Oracle Application Server 9.0.4.3 and ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3861 (Unspecified vulnerability in Oracle Jdeveloper in Oracle Application ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3860 (Unspecified vulnerability in Oracle Application Express (formerly ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3859 (Unspecified vulnerability in the Oracle Internet Directory component ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3858 (Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3857 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3856 (Unspecified vulnerability in the Oracle Data Mining component for ...) 
- TODO: check + NOT-FOR-US: Oracle CVE-2007-3855 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3854 (Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3853 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3852 RESERVED CVE-2007-3851 @@ -574,7 +578,7 @@ CVE-2007-3843 RESERVED CVE-2007-3842 (Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise ...) - TODO: check + NOT-FOR-US: 8e6 R3000 Enterprise Filter CVE-2007-3841 (Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux ...) TODO: check CVE-2007-3840 (SQL injection vulnerability in referralUrl.php in Traffic Stats allows ...)
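Review bot: the new CVE-2007-XXXX [teamspeak-server arbitrary file disclosure] entry in the @@ -1,3 +1,5 @@ hunk points at bug #435707, the same bug the @@ -333,7 +335,7 @@ hunk attaches to CVE-2007-3956. If one bug report covers two distinct issues, add a NOTE line under the placeholder saying so. If it is the same issue, the placeholder entry is a duplicate of CVE-2007-3956 and should be dropped.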
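Review bot: the CVE-2007-3956 line added in the @@ -333,7 +335,7 @@ hunk, "- teamspeak-server <unfixed> (bug #435707)", carries no urgency, while the placeholder entry for the same bug at the top of the file is marked medium. Either give both the same urgency or explain the difference. The description also reads "TeamSpeak WebServer 2.0 for Windows", so a NOTE stating why the Debian package is considered affected would back up the <unfixed> status.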
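Review bot: the CVE-2007-3922 entry in the @@ -381,27 +383,29 @@ hunk records fixed versions (sun-java5 1.5.0-12-2, sun-java6 6-02-1) for what the description calls an "Unspecified vulnerability", with no NOTE saying where those versions come from. A one-line NOTE naming the vendor advisory or upstream release would let the next person verify them. The same entry has an [etch] line for sun-java5 only; if sun-java6 is also shipped in etch it needs a matching line. In the same hunk, "NOT-FOR-US: Expose RC35 for Joomla" puts a version string into the product name; "Expose component for Joomla" matches the description better.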
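Review bot: the CVE-2007-3905 line in the @@ -423,19 +427,19 @@ hunk reads "- zoph <unfixed> (bug filed)", which records no bug number and no urgency, so the report cannot be found from the tracker. Replace "bug filed" with the bug number once it is assigned, as was done for bandersnatch (bug #435709) in the same hunk. The bandersnatch lines also write "(low; bug #435709)" while the teamspeak-server entry in this commit writes "(bug #435707; medium)"; pick one order for urgency and bug reference.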
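Review bot: every entry changed in the @@ -510,41 +514,41 @@ hunk is tagged "NOT-FOR-US: Oracle", vendor only, although the descriptions name different products (Oracle Database, E-Business Suite, PeopleTools, Application Server, JDeveloper and others). Other NOT-FOR-US lines in this commit name the product, for example "Ipswitch IMail Server" and "HP ServiceGuard". Naming the product here as well, and for "NOT-FOR-US: Cisco" in the @@ -381,27 +383,29 @@ hunk, keeps the tags searchable by product.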
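Review bot: in the @@ -574,7 +578,7 @@ hunk the context line directly after the CVE-2007-3842 change still reads "TODO: check" for CVE-2007-3841 (Pidgin 2.0.2 for Linux). This commit clears the surrounding TODO items as NOT-FOR-US, but this one names software on Linux and is the entry in the range most likely to need a package line. It should be triaged in this pass or flagged for follow-up in the log message.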