stef-guest at alioth.debian.org
2007-Aug-02 21:39 UTC
[Secure-testing-commits] r6217 - data/CVE
Author: stef-guest Date: 2007-08-02 21:39:37 +0000 (Thu, 02 Aug 2007) New Revision: 6217 Modified: data/CVE/list Log: new postfix-policyd issue; NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-02 19:13:19 UTC (rev 6216) +++ data/CVE/list 2007-08-02 21:39:37 UTC (rev 6217) @@ -594,75 +594,75 @@ CVE-2007-3835 (Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and ...) NOT-FOR-US: Ex Libris MetaLib CVE-2007-3834 (Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH ...) - TODO: check + NOT-FOR-US: Ex Libris ALEPH CVE-2007-3833 (The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios ...) - TODO: check + NOT-FOR-US: Trillian CVE-2007-3832 (Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in ...) - TODO: check + NOT-FOR-US: Trillian CVE-2007-3831 (PHP remote file inclusion in main.php in ISS Proventia Network IPS ...) - TODO: check + NOT-FOR-US: ISS Proventia Network IPS CVE-2007-3830 (Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia ...) - TODO: check + NOT-FOR-US: ISS Proventia Network IPS CVE-2007-3829 (Multiple stack-based buffer overflows in (a) InterActual Player ...) - TODO: check + NOT-FOR-US: InterActual Player CVE-2007-3828 (Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows ...) TODO: check CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain (aka ...) TODO: check CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in ...) - TODO: check + NOT-FOR-US: CA Alert Notification Server CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows ...) - TODO: check + NOT-FOR-US: MzK Blog CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows ...) - TODO: check + NOT-FOR-US: IPSwitch WS_FTP CVE-2007-3822 (Multiple cross-site scripting (XSS) vulnerabilities in Webcit before ...) - TODO: check + NOT-FOR-US: Webcit CVE-2007-3821 (Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 ...) - TODO: check + NOT-FOR-US: Webcit CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to ...) TODO: check CVE-2007-3819 (Opera 9.21 allows remote attackers to spoof the data: URI scheme in ...) - TODO: check + NOT-FOR-US: Opera CVE-2007-3818 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...) - TODO: check + NOT-FOR-US: LoginToboggan CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...) - TODO: check + NOT-FOR-US: LoginToboggan CVE-2007-3816 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: JWIG CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike ...) - TODO: check + NOT-FOR-US: Poslovni informator Republike Slovenije CVE-2007-3814 (Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote ...) - TODO: check + NOT-FOR-US: MKPortal CVE-2007-3813 (PHP remote file inclusion vulnerability in include/user.php in the ...) - TODO: check + NOT-FOR-US: NoBoard BETA module for MKPortal CVE-2007-3812 (SQL injection vulnerability in forums.php in CMScout 1.23 and earlier ...) - TODO: check + NOT-FOR-US: CMScout CVE-2007-3811 (Multiple SQL injection vulnerabilities in eSyndiCat allow remote ...) - TODO: check + NOT-FOR-US: eSyndiCat CVE-2007-3810 (SQL injection vulnerability in index.php in Realtor 747 allows remote ...) - TODO: check + NOT-FOR-US: Realtor 747 CVE-2007-3809 (Multiple SQL injection vulnerabilities in Prozilla Directory Script ...) - TODO: check + NOT-FOR-US: Prozilla Directory Script CVE-2007-3808 (SQL injection vulnerability in includes/search.php in paFileDB 3.6 ...) - TODO: check + NOT-FOR-US: paFileDB CVE-2007-3807 (Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum ...) - TODO: check + NOT-FOR-US: SiteScape Forum CVE-2007-3806 (The glob function in PHP 5.2.3 allows context-dependent attackers to ...) TODO: check CVE-2007-3805 (The IKE implementation in Clavister CorePlus before 8.80.03, and ...) - TODO: check + NOT-FOR-US: Clavister CorePlus CVE-2007-3804 (The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before ...) - TODO: check + NOT-FOR-US: Clavister CorePlus CVE-2007-3803 (The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does ...) - TODO: check + NOT-FOR-US: Clavister CorePlus CVE-2007-3802 (The Decomposer component in multiple Symantec products may allow ...) - TODO: check + NOT-FOR-US: Symantec CVE-2007-3801 (The Decomposer component in multiple Symantec products allows remote ...) - TODO: check + NOT-FOR-US: Symantec CVE-2007-3800 (Unspecified vulnerability in the Real-time scanner (RTVScan) component ...) - TODO: check + NOT-FOR-US: Symantec CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to 4.4.7 and ...) TODO: check CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 ...) @@ -670,33 +670,33 @@ CVE-2007-3797 RESERVED CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP interface for ...) - TODO: check + NOT-FOR-US: Spam Quarantine HTTP interface for MailMarshal SMTP CVE-2007-3795 (Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2007-3794 (Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2007-3793 (SQL injection vulnerability in Job Management Partner 1/NETM/DM ...) - TODO: check + NOT-FOR-US: Job Management Partner CVE-2007-3792 (Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold ...) - TODO: check + NOT-FOR-US: AzDG Dating Gold CVE-2007-3791 (Buffer overflow in the w_read function in sockets.c in Cami Sardinha ...) - TODO: check + - postfix-policyd <unfixed> (bug #435735) CVE-2007-3790 (The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 ...) TODO: check CVE-2007-3789 (SQL injection vulnerability in admin/index.php in Inmostore 4.0 allows ...) - TODO: check + NOT-FOR-US: Inmostore CVE-2007-3788 (The eSoft InstaGate EX2 UTM device stores the admin password within ...) - TODO: check + NOT-FOR-US: eSoft InstaGate CVE-2007-3787 (The eSoft InstaGate EX2 UTM device does not require entry of the old ...) - TODO: check + NOT-FOR-US: eSoft InstaGate CVE-2007-3786 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: eSoft InstaGate CVE-2007-3785 (Absolute path traversal vulnerability in a certain ActiveX control in ...) - TODO: check + NOT-FOR-US: EldoS SecureBlackbox CVE-2007-3784 (Cross-site scripting (XSS) vulnerability in the Belkin G Plus Router ...) - TODO: check + NOT-FOR-US: Belkin CVE-2007-3783 (SQL injection vulnerability in default.asp in enVivo!CMS allows remote ...) - TODO: check + NOT-FOR-US: enVivo!CMS CVE-2007-3782 (MySQL Community Server before 5.0.45 allows remote authenticated users ...) TODO: check CVE-2007-3781 (MySQL Community Server before 5.0.45 does not require privileges such ...) @@ -710,11 +710,11 @@ CVE-2007-3777 (avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free ...) TODO: check CVE-2007-3776 (Cisco Unified Communications Manager (CUCM, formerly CallManager) and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-3775 (Unspecified vulnerability in Cisco Unified Communications Manager ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-3774 (Dvbbs 7.1.0 SP1 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: Dvbbs CVE-2007-3773 (Cross-site request forgery (CSRF) vulnerability in the Email-Template ...) TODO: check CVE-2007-3772 (Directory traversal vulnerability in news/show.php in PsNews 1.1 ...)