joeyh at alioth.debian.org
2007-Aug-31 09:14 UTC
[Secure-testing-commits] r6449 - data/CVE
Author: joeyh
Date: 2007-08-31 09:14:08 +0000 (Fri, 31 Aug 2007)
New Revision: 6449

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================--- data/CVE/list 2007-08-30 21:58:57 UTC (rev 6448) +++ data/CVE/list 2007-08-31 09:14:08 UTC (rev 6449) 
@@ -1,4 +1,102 @@ -CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 does ...) +CVE-2007-4630 (Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute ...) + TODO: check +CVE-2007-4629 (Buffer overflow in the processLine funtion in maptemplate.c in ...) + TODO: check +CVE-2007-4628 (SQL injection vulnerability in shownews.php in phpns 1.1 allows remote ...) + TODO: check +CVE-2007-4627 (SQL injection vulnerability in index.php in ABC eStore 3.0 allows ...) + TODO: check +CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote ...) + TODO: check +CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a denial of ...) + TODO: check +CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign ...) + TODO: check +CVE-2007-4623 + RESERVED +CVE-2007-4622 + RESERVED +CVE-2007-4621 + RESERVED +CVE-2007-4620 + RESERVED +CVE-2007-4619 + RESERVED +CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...) + TODO: check +CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, ...) + TODO: check +CVE-2007-4616 (The SSL server implementation in BEA WebLogic Server 7.0 Gold through ...) + TODO: check +CVE-2007-4615 (The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 ...) + TODO: check +CVE-2007-4614 (BEA WebLogic Server 9.1 does not properly handle propagation of an ...) + TODO: check +CVE-2007-4613 (SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold ...) + TODO: check +CVE-2007-4612 (CRLF injection vulnerability in contact.php in Moonware (aka Dale ...) + TODO: check +CVE-2007-4611 (SQL injection vulnerability in viewevent.php in Moonware (aka Dale ...) + TODO: check +CVE-2007-4610 (Unrestricted file upload vulnerability in config/upload.php in ...) + TODO: check +CVE-2007-4609 (eyeOS uses predictable checksum values in the checknum parameter for ...) 
+ TODO: check +CVE-2007-4608 (PHP remote file inclusion vulnerability in protection.php in ...) + TODO: check +CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll ...) + TODO: check +CVE-2007-4606 (PHP remote file inclusion vulnerability in convert/mvcw_conver.php in ...) + TODO: check +CVE-2007-4605 (PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual ...) + TODO: check +CVE-2007-4604 (SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows ...) + TODO: check +CVE-2007-4603 (Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 ...) + TODO: check +CVE-2007-4602 (SQL injection vulnerability in cms/revert-content.php in Implied by ...) + TODO: check +CVE-2007-4600 + RESERVED +CVE-2007-4599 + RESERVED +CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of "12345" for the manager ...) + TODO: check +CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...) + TODO: check +CVE-2007-4596 (The perl extension in PHP does not follow safe_mode restrictions, ...) + TODO: check +CVE-2007-4595 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows ...) + TODO: check +CVE-2007-4594 (Entrust Entelligence Security Provider (ESP) 8 does not properly ...) + TODO: check +CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 ...) + TODO: check +CVE-2007-4592 + RESERVED +CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a ...) + TODO: check +CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3, and ...) + TODO: check +CVE-2007-4589 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx ...) + TODO: check +CVE-2007-4588 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx ...) + TODO: check +CVE-2007-4587 (Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria ...) 
+ TODO: check +CVE-2007-4586 (Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension ...) + TODO: check +CVE-2007-4585 (Directory traversal vulnerability in activateuser.php in 2532|Gigs ...) + TODO: check +CVE-2007-4584 (Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC ...) + TODO: check +CVE-2007-4583 (Multiple absolute path traversal vulnerabilities in the ...) + TODO: check +CVE-2007-4582 (Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX ...) + TODO: check +CVE-2007-4581 (SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 ...) + TODO: check +CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 does not ...) - tcp-wrappers 7.6.dbs-12 (bug #405342; medium) CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows ...) NOT-FOR-US: BufferZone (Windows) @@ -46,7 +144,8 @@ - python2.3 <removed> - python2.4 <unfixed> (bug #440097) - python2.5 <unfixed> (bug #440099) -CVE-2007-4558 (Directory traversal vulnerability in extract.c in star before 1.5a84 ...) +CVE-2007-4558 + REJECTED - star <unfixed> (bug #440100) CVE-2007-4557 (Cross-site scripting (XSS) vulnerability in the webacc servlet in ...) NOT-FOR-US: Novell @@ -242,8 +341,8 @@ RESERVED CVE-2007-4468 RESERVED -CVE-2007-4467 - RESERVED +CVE-2007-4467 (Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX ...) + TODO: check CVE-2007-4466 RESERVED CVE-2006-7222 (Buffer overflow in the CFLICStream::_deltachunk function in ...) 
@@ -306,7 +405,7 @@ NOT-FOR-US: Unreal on Windows CVE-2007-4441 (Buffer overflow in php_win32std.dll in the win32std extension for PHP ...) - php5 <not-affected> (Windows-specific) -CVE-2007-4440 (Stack-based buffer overflow in the SMTP server in Mercury Mail ...) +CVE-2007-4440 (Stack-based buffer overflow in the MercuryS SMTP server in Mercury ...) NOT-FOR-US: Mercury mail system CVE-2007-4439 (PHP remote file inclusion vulnerability in popup_window.php in ...) NOT-FOR-US: Squirrelcart @@ -790,10 +889,10 @@ RESERVED CVE-2007-4222 RESERVED -CVE-2007-4221 - RESERVED -CVE-2007-4220 - RESERVED +CVE-2007-4221 (Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for ...) + TODO: check +CVE-2007-4220 (Directory traversal vulnerability in Motorola Timbuktu Pro before ...) + TODO: check CVE-2007-4219 (Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as ...) TODO: check CVE-2007-4218 (Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) ...) @@ -970,12 +1069,12 @@ RESERVED CVE-2007-4135 RESERVED -CVE-2007-4134 - RESERVED +CVE-2007-4134 (Directory traversal vulnerability in extract.c in star before 1.5a84 ...) + TODO: check CVE-2007-4133 RESERVED -CVE-2007-4132 - RESERVED +CVE-2007-4132 (Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 ...) + TODO: check CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot function in ...) - tar <unfixed> (high; bug #439335) CVE-2007-4130
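Review bot: In the hunk at @@ -46,7 +144,8 @@, CVE-2007-4558 is switched to REJECTED but the "- star <unfixed> (bug #440100)" line stays attached to it, while the hunk at @@ -970,12 +1069,12 @@ adds CVE-2007-4134 with the same description (directory traversal in extract.c in star before 1.5a84) and only "TODO: check". The star annotation and bug #440100 should be moved under CVE-2007-4134, so that the open package issue is tracked under the live id and not under a rejected one.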
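Review bot: In the first hunk (@@ -1,4 +1,102 @@), every new entry is left at "TODO: check", and several of them name software that is not obviously a Windows-only or hosted product: Polipo (CVE-2007-4626, CVE-2007-4625), BitchX (CVE-2007-4584) and the PHP perl extension (CVE-2007-4596). These should be triaged first and given either a package line with a bug reference, in the style of the existing "- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)" entry for CVE-2007-4601, or an explicit NOT-FOR-US.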
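Review bot: In the hunks at @@ -242,8 +341,8 @@ and @@ -790,10 +889,10 @@, CVE-2007-4467 (Oracle JInitiator ActiveX), CVE-2007-4221 and CVE-2007-4220 (Motorola Timbuktu Pro) go from RESERVED to "TODO: check" with no disposition. Neighbouring entries for comparable third-party products already carry a reason, for example "NOT-FOR-US: Novell" and "NOT-FOR-US: Mercury mail system"; if no package in the archive ships these products, they should get the same marking with the product name so they drop out of the open TODO set.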