Author: nion
Date: 2007-09-27 22:55:24 +0000 (Thu, 27 Sep 2007)
New Revision: 6730

Modified: data/CVE/list
Log:
CVE-2007-5105 fixed in wordpress 2.0.4-1
NFUs
new issue: egroupware (CVE-2007-5091)
CVE-2007-5087 kernel-image-2.4 was removed
CVE-2002-2227 fixed in ssldump 0.9b3-1

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2007-09-27 22:28:12 UTC (rev 6729)
+++ data/CVE/list 2007-09-27 22:55:24 UTC (rev 6730)
@@ -19,47 +19,47 @@ CVE-2007-5106 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...) - wordpress 2.0.2-1 (low) CVE-2007-5105 (Cross-site scripting (XSS) vulnerability in wp-register.php in ...) - TODO: check + - wordpress 2.0.4-1 (low) CVE-2007-5104 (SQL injection vulnerability in index.php in the Arcade module in bcoos ...) - TODO: check + NOT-FOR-US: bcoos CVE-2007-5103 (Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 ...) - TODO: check + NOT-FOR-US: Wordsmith CVE-2007-5102 (PHP remote file inclusion vulnerability in config.inc.php in Wordsmith ...) - TODO: check + NOT-FOR-US: Wordsmith CVE-2007-5101 (ChironFS before 1.0 RC7 sets user/group ownership to the mounter ...) - TODO: check + NOT-FOR-US: ChironFS CVE-2007-5100 (Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, ...) - TODO: check + NOT-FOR-US: phpBB plus (phpbb2 does not include this module) CVE-2007-5099 (PHP remote file inclusion vulnerability in show.php in David Watters ...) - TODO: check + NOT-FOR-US: helplink CVE-2007-5098 (Multiple PHP remote file inclusion vulnerabilities in DFD Cart 1.1.4 ...) - TODO: check + NOT-FOR-US: DFD Cart CVE-2007-5097 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Online Fantasy Football League CVE-2007-5096 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: guanxiCRM Business Solution CVE-2007-5095 (Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes ...) - TODO: check + NOT-FOR-US: Windows Media Player CVE-2007-5094 (Heap-based buffer overflow in iaspam.dll in the SMTP Server in ...) - TODO: check + NOT-FOR-US: Ipswitch IMail Server CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux ...) - TODO: check + NOT-FOR-US: Philips firmware CVE-2007-5092 (Directory traversal vulnerability in index.php in the Dance Music ...) 
- TODO: check + NOT-FOR-US: phpNuke module CVE-2007-5091 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare ...) - TODO: check + - egroupware <unfixed> (low; bug #444351) CVE-2007-5090 (Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a ...) - TODO: check + NOT-FOR-US: IBM Rational ClearQuest CVE-2007-5089 (PHP remote file inclusion vulnerability in php-inc/log.inc.php in ...) - TODO: check + NOT-FOR-US: Sklog CVE-2007-5088 (Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi ...) - TODO: check + NOT-FOR-US: freeside CVE-2007-5087 (The ATM module in the Linux kernel before 2.4.35.3, when CLIP support ...) - TODO: check + - kernel-image-2.4 <removed> CVE-2007-5086 (Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not ...) - TODO: check + NOT-FOR-US: Kaspersky Anti-Virus and Internet Security 7.0 CVE-2007-5085 (Unspecified vulnerability in the management EJB (MEJB) in Apache ...) - TODO: check + NOT-FOR-US: Geronimo Apache CVE-2007-5084 RESERVED CVE-2007-5083 @@ -67,7 +67,7 @@ CVE-2007-5082 RESERVED CVE-2002-2227 (Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers ...) - TODO: check + - ssldump 0.9b3-1 (low) CVE-2007-5081 RESERVED CVE-2007-5080
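Review bot: the CVE-2007-5093 entry in the first hunk (@@ -19,47 +19,47 @@) is closed as `NOT-FOR-US: Philips firmware`, but its visible description places the flaw in "the Philips USB Webcam (pwc) driver in Linux", which reads as kernel driver code rather than vendor firmware. Either track it against the kernel source package or add a NOTE line explaining why the packaged driver is not affected. The same hunk resolves CVE-2007-5087 with only `- kernel-image-2.4 <removed>`; because the description is cut off after "before 2.4.35.3", the entry does not show whether the current kernel packages were checked, so a NOTE recording that result would help. Two smaller points: `NOT-FOR-US: Geronimo Apache` reverses the product name relative to the description ("... in Apache ..."), and CVE-2007-5106 and CVE-2007-5105 show identical truncated descriptions with different fixed versions (2.0.2-1 and 2.0.4-1), which deserves a NOTE so the pair is not mistaken for a duplicate.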
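Review bot: the CVE-2002-2227 entry in the second hunk (@@ -67,7 +67,7 @@) is rated `(low)` with no stated reason, while the visible description says the buffer underflow "allows remote attackers ...". The fixed version `0.9b3-1` is consistent with "0.9b2 and earlier" being affected, but the urgency is not explained by anything in the entry; add a NOTE line giving the basis for the low rating (for example the impact stated in the full description) so that later triage does not have to re-derive it.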