Author: fw Date: 2007-08-04 11:53:37 +0000 (Sat, 04 Aug 2007) New Revision: 6232 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-04 11:25:26 UTC (rev 6231) +++ data/CVE/list 2007-08-04 11:53:37 UTC (rev 6232) 
@@ -1047,135 +1047,135 @@ NOTE: Moodle contains a copy of the files, but not the string NOTE: "homedir", so it is not affected. CVE-2007-3631 (SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 ...) - TODO: check + NOT-FOR-US: GameSiteScript CVE-2007-3630 (changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require ...) - TODO: check + NOT-FOR-US: AV Tutorial CVE-2007-3629 (SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 ...) - TODO: check + NOT-FOR-US: Levent Veysi Portal CVE-2007-3628 (Unspecified vulnerability in the fetch function in MDB2.php in PEAR ...) - TODO: check + NOT-FOR-US: Structures-DataGrid-DataSource-MDB2 CVE-2007-3627 (Multiple SQL injection vulnerabilities in PHP Lite Calendar Express ...) - TODO: check + NOT-FOR-US: PHP Lite Calender Express CVE-2007-3626 (Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2007-3625 (The Program Neighborhood Agent in Citrix Presentation Server Clients ...) - TODO: check + NOT-FOR-US: Citrix CVE-2007-3624 (Heap-based buffer overflow in the Message HTTP Server in SAP Message ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3623 (Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2007-3622 (Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon ...) - TODO: check + NOT-FOR-US: MDaemon CVE-2007-3621 (Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex ...) - TODO: check + NOT-FOR-US: AsteriDex CVE-2007-3620 (Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 ...) TODO: check CVE-2007-3619 (Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 ...) - TODO: check + NOT-FOR-US: Maia Mailguard CVE-2007-3618 RESERVED CVE-2007-3617 (The report module in vtiger CRM before 5.0.3 does not properly apply ...) 
- TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3616 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3615 (Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3614 (Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB ...) TODO: check CVE-2007-3613 (Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3612 (Stack-based buffer overflow in Visual IRC (ViRC) 2.0 allows remote IRC ...) - TODO: check + NOT-FOR-US: Visual IRC CVE-2007-3611 (admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not ...) - TODO: check + NOT-FOR-US: VRNews CVE-2007-3610 (SQL injection vulnerability in categories_type.php in phpVID 0.9.9 ...) - TODO: check + NOT-FOR-US: phpVID CVE-2007-3609 (Multiple SQL injection vulnerabilities in eMeeting Online Dating ...) - TODO: check + NOT-FOR-US: eMeeting CVE-2007-3608 (Multiple unspecified vulnerabilities in ActiveX controls in the ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3607 (Multiple unspecified vulnerabilities in ActiveX controls in the ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3606 (Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3605 (Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX ...) - TODO: check + NOT-FOR-US: SAP CVE-2007-3604 (vtiger CRM before 5.0.3 allows remote authenticated users with access ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3603 (SQL injection vulnerability in the dashboard ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3602 (The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3601 (vtiger CRM before 5.0.3, when a migrated build is used, allows remote ...) 
- TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3600 (WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3599 (vtiger CRM before 5.0.3 allows remote authenticated users to import ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3598 (index.php in vtiger CRM before 5.0.3 allows remote authenticated users ...) - TODO: check + NOT-FOR-US: vtiger CRM CVE-2007-3597 (Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2007-3596 (inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric ...) - TODO: check + NOT-FOR-US: phpVideoPro CVE-2007-3595 (SQL injection vulnerability in include/get_userdata.php in ...) - TODO: check + NOT-FOR-US: PowerPhlogger CVE-2007-3594 (Multiple cross-site scripting (XSS) vulnerabilities in AdventNet ...) - TODO: check + NOT-FOR-US: ManageEngine OpManager CVE-2007-3593 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...) - TODO: check + NOT-FOR-US: ManageEngine NetflowAnalyzer CVE-2007-3592 (PM.php in Elite Bulletin Board before 1.0.10 allows remote ...) - TODO: check + NOT-FOR-US: Elite Bulletin Board CVE-2007-3591 (Unspecified vulnerability in Profile.php in Elite Bulletin Board ...) - TODO: check + NOT-FOR-US: Elite Bulletin Board CVE-2007-3590 (Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB ...) - TODO: check + NOT-FOR-US: b1gBB CVE-2007-3589 (Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote ...) TODO: check CVE-2007-3588 (SQL injection vulnerability in reply.php in VBZooM 1.12 allows remote ...) - TODO: check + NOT-FOR-US: VBZooM CVE-2007-3587 (MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via ...) - TODO: check + NOT-FOR-US: MyCMS CVE-2007-3586 (Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 ...) 
- TODO: check + NOT-FOR-US: MyCMS CVE-2007-3585 (PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 ...) - TODO: check + NOT-FOR-US: MyCMS CVE-2007-3584 (SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and ...) - TODO: check + NOT-FOR-US: PNphpBB2 CVE-2007-3583 (SQL injection vulnerability in details_news.php in Girlserv ads 1.5 ...) - TODO: check + NOT-FOR-US: Girlserv ads CVE-2007-3582 (SQL injection vulnerability in index.php in SuperCali PHP Event ...) - TODO: check + NOT-FOR-US: SuperCali PHP Event Calendar CVE-2007-3581 (The Jedox Palo 1.5 client transmits the password in cleartext, which ...) - TODO: check + NOT-FOR-US: Jedox CVE-2007-3580 (PHPIDS does not properly handle certain code containing newlines, as ...) TODO: check CVE-2007-3579 (PHPIDS before 20070703 does not properly handle setting the .text ...) - TODO: check + NOT-FOR-US: PHPIDS CVE-2007-3578 (PHPIDS before 20070703 does not properly handle (1) arithmetic ...) - TODO: check + NOT-FOR-US: PHPIDS CVE-2007-3577 (PHPIDS before 20070703 does not properly handle use of the substr ...) - TODO: check + NOT-FOR-US: PHPIDS CVE-2007-3576 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-3575 (SQL injection vulnerability in includes/functions in FreeDomain.co.nr ...) - TODO: check + NOT-FOR-US: FreeDomain.co.nr Clone CVE-2007-3574 (Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on ...) - TODO: check + NOT-FOR-US: Linksys CVE-2007-3573 (Multiple SQL injection vulnerabilities in akocomment allow remote ...) - TODO: check + NOT-FOR-US: AkoComment CVE-2007-3572 (Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in ...) - TODO: check + NOT-FOR-US: Yoggie CVE-2007-3571 (The Apache Web Server as used in Novell NetWare 6.5 and GroupWise ...) - TODO: check + NOT-FOR-US: Novell CVE-2007-3570 (The Linux Access Gateway in Novell Access Manager before 3.0 SP1 ...) 
- TODO: check + NOT-FOR-US: Novell CVE-2007-3569 (Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library ...) - TODO: check + NOT-FOR-US: Oliver Library Management System CVE-2007-3568 (The _LoadBMP function in imlib 1.9.15 and earlier allows ...) TODO: check CVE-2007-3567 (MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in ...) - TODO: check + NOT-FOR-US: MysqlDumper CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in ...) TODO: check CVE-2007-3565 
@@ -1184,103 +1184,103 @@ {DSA-1333-1} - curl <unfixed> (low) CVE-2007-3563 (SQL injection vulnerability in includes/view_page.php in AV Arcade ...) - TODO: check + NOT-FOR-US: AV Arcade CVE-2007-3562 (SQL injection vulnerability in videos.php in PHP Director 0.21 and ...) - TODO: check + NOT-FOR-US: PHP Director CVE-2007-3561 (Cross-site scripting (XSS) vulnerability in ara.asp in Efendy Blog 1.0 ...) - TODO: check + NOT-FOR-US: Efendy Blog CVE-2007-3560 (Multiple unspecified vulnerabilities in Esqlanelapse before 2.6 have ...) - TODO: check + NOT-FOR-US: Esqlanelapse CVE-2007-3559 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: PHP-Fusion CVE-2007-3558 (SQL injection vulnerability in Coppermine Photo Gallery (CPG) before ...) - TODO: check + NOT-FOR-US: Coppermine Photo Gallery CVE-2007-3557 (SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, ...) TODO: check CVE-2007-3556 (Liesbeth base CMS stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: Liesbeth CVE-2007-3555 (Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 ...) TODO: check CVE-2007-3554 (Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control ...) - TODO: check + NOT-FOR-US: HP CVE-2007-3553 (Cross-site scripting (XSS) vulnerability in Rapid Install Web Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2007-3552 (Multiple unspecified vulnerabilities in bbs100 before 3.2 allow remote ...) - TODO: check + NOT-FOR-US: bbs100 CVE-2007-3551 (Buffer overflow in bbs100 before 3.2 allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: bbs100 CVE-2007-3550 (Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to ...) TODO: check CVE-2007-3549 (SQL injection vulnerability in view_sub_cat.php in Buddy Zone 1.5 ...) - TODO: check + NOT-FOR-US: Buddy Zone CVE-2007-3548 (Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers ...) 
- TODO: check + NOT-FOR-US: W3Filer CVE-2007-3547 (Directory traversal vulnerability in qti_checkname.php in QuickTicket ...) - TODO: check + NOT-FOR-US: QuickTicket CVE-2007-3546 (Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus ...) - TODO: check + NOT-FOR-US: Nessus Windows GUI CVE-2007-3545 (Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows ...) - TODO: check + NOT-FOR-US: Warzone CVE-2007-3544 (Unrestricted file upload vulnerability in (1) wp-app.php and (2) ...) TODO: check CVE-2007-3543 (Unrestricted file upload vulnerability in WordPress before 2.2.1 and ...) TODO: check CVE-2007-3542 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml ...) - TODO: check + NOT-FOR-US: Pluxml CVE-2007-3541 (Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 ...) - TODO: check + NOT-FOR-US: Kurinton sHTTPd CVE-2007-3540 (Multiple cross-site scripting (XSS) vulnerabilities in search.asp in ...) - TODO: check + NOT-FOR-US: rwAuction CVE-2007-3539 (Multiple SQL injection vulnerabilities in QuickTicket 1.2 ...) - TODO: check + NOT-FOR-US: QuickTicket CVE-2007-3538 (SQL injection vulnerability in qtg_msg_view.php in QuickTalk guestbook ...) - TODO: check + NOT-FOR-US: QuickTalk CVE-2007-3537 (IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends ...) - TODO: check + NOT-FOR-US: IBM OS/400 CVE-2007-3536 (Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX ...) - TODO: check + NOT-FOR-US: AMX NetLinx VNC CVE-2007-3535 (Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 ...) - TODO: check + NOT-FOR-US: GL-SH Deaf Forum CVE-2007-3534 (SQL injection vulnerability in login.php in WebChat 0.78 allows remote ...) - TODO: check + NOT-FOR-US: WebChat CVE-2007-3533 (The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote ...) - TODO: check + NOT-FOR-US: 3Com CVE-2007-3532 (nvidia-drivers before 1.0.7185, 1.0.9639, and 100.14.11, as used in ...) 
TODO: check CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock ...) TODO: check CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and ...) - TODO: check + NOT-FOR-US: PHPDirector CVE-2007-3529 (videos.php in PHPDirector 0.21 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: PHPDirector CVE-2007-3528 (The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC ...) TODO: check CVE-2007-3527 (Integer overflow in Firebird 2.0.0 allows remote authenticated users ...) TODO: check CVE-2007-3526 (Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier ...) - TODO: check + NOT-FOR-US: Buddy Zone CVE-2007-3525 (Ripe Website Manager 0.8.9 and earlier allows remote attackers to ...) TODO: check CVE-2007-3524 (Multiple PHP remote file inclusion vulnerabilities in Ripe Website ...) - TODO: check + NOT-FOR-US: Ripe Website Manager CVE-2007-3523 (Multiple directory traversal vulnerabilities in Module/Galerie.php in ...) - TODO: check + NOT-FOR-US: XCMS CVE-2007-3522 (Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 ...) - TODO: check + NOT-FOR-US: sPHPell CVE-2007-3521 (SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 ...) - TODO: check + NOT-FOR-US: ArcadeBuilder Game Portal Manager CVE-2007-3520 (SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store ...) - TODO: check + NOT-FOR-US: Easybe CVE-2007-3519 (SQL injection vulnerability in eventdisplay.php in phpEventCalendar ...) - TODO: check + NOT-FOR-US: phpEventCalendar CVE-2007-3518 (SQL injection vulnerability in msg.php in HispaH YouTube Clone Script ...) - TODO: check + NOT-FOR-US: HispaH YouTube Clone Script CVE-2007-3517 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 ...) - TODO: check + NOT-FOR-US: Claroline CVE-2007-3516 (Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in ...) 
TODO: check CVE-2007-3515 (SQL injection vulnerability in view_event.php in TotalCalendar 2.402 ...) - TODO: check + NOT-FOR-US: TotalCalendar CVE-2006-7220 (Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote ...) TODO: check CVE-2006-7219 (eZ publish before 3.8.5 does not properly enforce permissions for ...) @@ -1334,7 +1334,7 @@ CVE-2007-3510 RESERVED CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...) - TODO: check + NOT-FOR-US: Symantec CVE-2007-3508 (** DISPUTED ** ...) - glibc 2.6-2 (unimportant; bug #431858) NOTE: Not security-relevant @@ -1770,7 +1770,7 @@ CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...) NOT-FOR-US: Ingres CVE-2007-3333 (Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...) NOT-FOR-US: Satel Lite for PhpNuke CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...) @@ -1845,7 +1845,7 @@ - apache2 <unfixed> (unimportant) NOTE: If you can execute arbitrary code, a DoS is not a problem. CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and ...) - TODO: check + NOT-FOR-US: CA CVE-2007-3301 (SQL injection vulnerability in forum/include/error/autherror.cfm in ...) NOT-FOR-US: FuseTalk CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...) 
@@ -1917,7 +1917,7 @@ CVE-2007-3269 (Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 ...) NOT-FOR-US: Papoo Light CVE-2007-3268 (The TFTP implementation in IBM Tivoli Provisioning Manager for OS ...) - TODO: check + NOT-FOR-US: IBM Tivoli Provisioning Manager CVE-2007-3267 (Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum ...) NOT-FOR-US: Fuzzylime Forum CVE-2007-3266 (Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows ...) @@ -2483,7 +2483,7 @@ CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote attackers ...) - TODO: check + NOT-FOR-US: Panda CVE-2007-3025 (Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before ...) - clamav <not-affected> (Solaris-specific bug) CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 ...) @@ -2654,7 +2654,7 @@ CVE-2007-2951 (The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc ...) - kvirc <unfixed> (bug #434419; medium) CVE-2007-2950 (Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara ...) - TODO: check + NOT-FOR-US: Centennial CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in the ...) {DSA-1335-1} - gimp 2.2.16-1 (medium) @@ -5419,11 +5419,11 @@ CVE-2007-1757 RESERVED CVE-2007-1756 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office ...) - TODO: check + NOT-FOR-US: Microsoft Excel CVE-2007-1755 RESERVED CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...) - TODO: check + NOT-FOR-US: Microsoft Office CVE-2007-1753 RESERVED CVE-2007-1752 
@@ -9965,7 +9965,7 @@ CVE-2007-0061 RESERVED CVE-2007-0060 (Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in ...) - TODO: check + NOT-FOR-US: CA CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 ...) NOT-FOR-US: Apple Quicktime CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...) @@ -10129,13 +10129,13 @@ CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet ...) NOT-FOR-US: Adobe Acrobat Reader Plugin CVE-2007-0043 (The Just In Time (JIT) Compiler service in Microsoft .NET Framework ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2007-0042 (ASP.NET in Microsoft .NET Framework 2.0 SP2 and earlier for Windows ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2007-0041 (The PE Loader service in Microsoft .NET Framework 2.0 SP2 and earlier ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2007-0040 (The LDAP service in Windows Active Directory in Microsoft Windows 2000 ...) - TODO: check + NOT-FOR-US: Microsoft Windows CVE-2007-0039 (The Exchange Collaboration Data Objects (EXCDO) functionality in ...) NOT-FOR-US: Microsoft CVE-2007-0038 (Stack-based buffer overflow in the animated cursor code in Microsoft ...)
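Review bot: In the @@ -1047,135 hunk the triage is inconsistent for products that appear more than once: CVE-2007-3620 (Maia Mailguard 1.0.2) stays "TODO: check" while CVE-2007-3619 for the same Maia Mailguard 1.0.2 becomes "NOT-FOR-US: Maia Mailguard"; CVE-2007-3589 (b1gbb 2.24.0) stays TODO while CVE-2007-3590 becomes "NOT-FOR-US: b1gBB"; CVE-2007-3580 (PHPIDS) stays TODO while CVE-2007-3579, -3578 and -3577 become "NOT-FOR-US: PHPIDS". Either mark every entry for an unpackaged product NOT-FOR-US in the same pass or add a NOTE on the ones kept open, otherwise the list says the product is both out of scope and still awaiting triage. Two of the new labels also misspell the product relative to the description they sit under, which matters because these labels are what later triage greps for: CVE-2007-3627 gets "NOT-FOR-US: PHP Lite Calender Express" (description: "PHP Lite Calendar Express") and CVE-2007-3567 gets "NOT-FOR-US: MysqlDumper" (description: "MySQLDumper"); suggest `+ NOT-FOR-US: PHP Lite Calendar Express` and `+ NOT-FOR-US: MySQLDumper`. Finally, two entries would benefit from a one-line NOTE recording the reasoning: CVE-2007-3576 is labelled "NOT-FOR-US: Microsoft" while its visible description is only "** DISPUTED **" (compare CVE-2007-3508 in the @@ -1334 hunk, also disputed, which carries a package line and "NOTE: Not security-relevant"), and CVE-2007-3628's truncated description ends at "MDB2.php in PEAR ...", which reads as if PEAR MDB2 itself were affected, whereas the label "Structures-DataGrid-DataSource-MDB2" says it is the DataGrid DataSource; stating that distinction in a NOTE prevents the entry being reopened the next time someone sees "MDB2" and "PEAR".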
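Review bot: In the @@ -1184,103 hunk the same product is labelled two ways: CVE-2007-3562 gets "NOT-FOR-US: PHP Director" while CVE-2007-3530 and CVE-2007-3529 a few lines later get "NOT-FOR-US: PHPDirector". The descriptions use "PHP Director 0.21" and "PHPDirector 0.21" respectively, so both spellings come from upstream, but the tracker should pick one and apply it to all three entries so a search for the product finds every entry; nothing else in the hunk needs changing.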
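Review bot: In the @@ -1845,7 hunk CVE-2007-3302 ("The CallCode ActiveX control in caller.dll 3.0 before 20070713, and ...") is labelled "NOT-FOR-US: CA", and the @@ -9965,7 hunk does the same for CVE-2007-0060 ("Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in ..."). The string "CA" appears nowhere in either truncated description and, being two letters, matches many unrelated lines of the list, so the label is hard to verify and hard to grep for. Suggest carrying the product named in the description into the label, for example `+ NOT-FOR-US: CA CallCode ActiveX control (caller.dll)` and `+ NOT-FOR-US: CA Message Queuing Server (Cam.exe)`, which keeps the vendor attribution while making each line self-explanatory.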