thr3ads.net - Secure testing commits - [Secure-testing-commits] r6501

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2007-Sep-04 21:14 UTC
[Secure-testing-commits] r6501 - data/CVE

Author: joeyh
Date: 2007-09-04 21:14:07 +0000 (Tue, 04 Sep 2007)
New Revision: 6501

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-09-04 21:12:49 UTC (rev 6500)
+++ data/CVE/list	2007-09-04 21:14:07 UTC (rev 6501)
@@ -1,3 +1,41 @@
+CVE-2007-4649 (MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1,
and ...)
+	TODO: check
+CVE-2007-4648 (The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses
weak ...)
+	TODO: check
+CVE-2007-4647 (newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9
...)
+	TODO: check
+CVE-2007-4646 (Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001
Lite ...)
+	TODO: check
+CVE-2007-4645 (SQL injection vulnerability in index.php in NMDeluxe 2.0.0
allows ...)
+	TODO: check
+CVE-2007-4644 (Format string vulnerability in the Cl_GetPackets function in
cl_main.c ...)
+	TODO: check
+CVE-2007-4643 (Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and
earlier ...)
+	TODO: check
+CVE-2007-4642 (Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1
and ...)
+	TODO: check
+CVE-2007-4641 (Directory traversal vulnerability in index.php in Pakupaku CMS
0.4 and ...)
+	TODO: check
+CVE-2007-4640 (Unrestricted file upload vulnerability in index.php in Pakupaku
CMS ...)
+	TODO: check
+CVE-2007-4639 (EnterpriseDB Advanced Server 8.2 does not properly handle
certain ...)
+	TODO: check
+CVE-2007-4638 (Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier
allows ...)
+	TODO: check
+CVE-2007-4637 (xGB.php in xGB 2.0 does not require authentication for an admin
edit ...)
+	TODO: check
+CVE-2007-4636 (Multiple PHP remote file inclusion vulnerabilities in phpBG
0.9.1 ...)
+	TODO: check
+CVE-2007-4635 (Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers
to ...)
+	TODO: check
+CVE-2007-4634 (Multiple SQL injection vulnerabilities in Cisco CallManager and
...)
+	TODO: check
+CVE-2007-4633 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco
...)
+	TODO: check
+CVE-2007-4632 (Cisco IOS 12.2E, 12.2F, and 12.2S places a &quot;no
login&quot; line into the ...)
+	TODO: check
+CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6
and ...)
+	TODO: check
 CVE-2007-XXXX [maradns DoS]
 	- maradns 1.2.12.08-1
 	NOTE: http://marc.info/?l=maradns-list&m=118842373527534&w=2
@@ -111,7 +149,8 @@
 	[sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in
-10)
 CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5
allows ...)
 	NOT-FOR-US: BufferZone (Windows)
-CVE-2007-4579 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and
Live ...)
+CVE-2007-4579
+	REJECTED
 	NOT-FOR-US: MSN
 CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0
allows ...)
 	NOT-FOR-US: Sophos
@@ -256,8 +295,8 @@
 	RESERVED
 CVE-2007-4516
 	RESERVED
-CVE-2007-4515
-	RESERVED
+CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll
before ...)
+	TODO: check
 CVE-2007-4514
 	RESERVED
 CVE-2007-4513
@@ -1381,6 +1420,7 @@
 	RESERVED
 CVE-2007-3999 [buffer overflow in RPC library]
 	RESERVED
+	{DSA-1368-1 DSA-1367-1}
 	- librpcsecgss <unfixed>
 	- krb5 <unfixed>
 CVE-2007-3998
@@ -1562,6 +1602,7 @@
 CVE-2007-3913
 	RESERVED
 CVE-2007-3912 [debian-goodies checkrestart missing shell metachar escaping]
+	RESERVED
 	- debian-goodies 0.34 (bug #440411; medium)
 CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe
(aka ...)
 	NOT-FOR-US: BakBone NetVault Reporter
@@ -3842,8 +3883,8 @@
 	NOT-FOR-US: Qtpfsgui and pfstools
 CVE-2007-2955 (Multiple unspecified &quot;input validation error&quot;
vulnerabilities in ...)
 	NOT-FOR-US: Norton Antivirus/Internet Security/System Works
-CVE-2007-2954
-	RESERVED
+CVE-2007-2954 (Multiple stack-based buffer overflows in the Spooler service
...)
+	TODO: check
 CVE-2007-2953 (Format string vulnerability in the helptags_one function in ...)
 	{DSA-1364-1}
 	- vim 1:7.1-056+1 (low)
@@ -3893,8 +3934,8 @@
 	NOT-FOR-US: Phil-a-Form
 CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in
BoastMachine ...)
 	NOT-FOR-US: BoastMachine
-CVE-2007-2931
-	RESERVED
+CVE-2007-2931 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and
Live ...)
+	TODO: check
 CVE-2007-2930
 	RESERVED
 CVE-2007-2929 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
@@ -6960,6 +7001,7 @@
 CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes
2.0 and ...)
 	NOT-FOR-US: ScriptMagix
 CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function
in ...)
+	{DTSA-56-1}
 	- zziplib 0.13.49-0 (bug #436701; low)
 	[etch] - zziplib <no-dsa> (Minor issue)
 	NOTE:
http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187
Secure testing commits - Sep 2007 - r6501 - data/CVE

[Secure-testing-commits] r6501 - data/CVE
