Author: nion
Date: 2007-10-09 22:09:23 +0000 (Tue, 09 Oct 2007)
New Revision: 6882
Modified: data/CVE/list
Log: NFUs CVE-2007-5270 drupal not-affected CVE-2007-526[6-9] libpng not-affected

Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-10-09 21:53:27 UTC (rev 6881) +++ data/CVE/list 2007-10-09 22:09:23 UTC (rev 6882) 
@@ -38,49 +38,55 @@ CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan Blog ...) NOT-FOR-US: Furkan Tastan Blog CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS ...) - TODO: check + NOT-FOR-US: Trionic Cite CMS CVE-2007-5270 (Unspecified vulnerability in the Boost module before 4.7.x-1.0, and ...) - TODO: check + - drupal <not-affected> (does not ship this module) CVE-2007-5269 (Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 ...) - TODO: check + - libpng <not-affected> (vulnerable code not present in Debian version) CVE-2007-5268 (pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) ...) - TODO: check + - libpng <not-affected> (vulnerable code not present in Debian version) CVE-2007-5267 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...) - TODO: check + - libpng <not-affected> (vulnerable code not present) + NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one + NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1 + NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe CVE-2007-5266 (Off-by-one error in ICC profile chunk handling in the png_set_iCCP ...) - TODO: check + - libpng <not-affected> (vulnerable code not present) + NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one + NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1 + NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe CVE-2007-5265 (Multiple format string vulnerabilities in websrv.cpp in Dawn of Time ...) - TODO: check + NOT-FOR-US: Dawn of Time CVE-2007-5264 (Battlefront Dropteam 1.3.3 and earlier sends the client''s online ...) - TODO: check + NOT-FOR-US: Battlefront CVE-2007-5263 (Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier ...) 
- TODO: check + NOT-FOR-US: Battlefront CVE-2007-5262 (Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 ...) - TODO: check + NOT-FOR-US: Battlefront CVE-2004-2744 (Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has ...) - TODO: check + NOT-FOR-US: Tincan Limited PHPlist CVE-2004-2743 (upload.cgi in Mega Upload Progress Bar before 1.45 allows remote ...) - TODO: check + NOT-FOR-US: Mega Upload Progress Bar CVE-2004-2742 (Cross-site scripting (XSS) vulnerability in the report viewer in ...) - TODO: check + NOT-FOR-US: Crystal Enterprise CVE-2004-2741 (Cross-site scripting (XSS) vulnerability in the "help window" ...) - TODO: check + - horde2 <removed> CVE-2004-2740 (PHP remote file inclusion vulnerability in authform.inc.php in ...) - TODO: check + NOT-FOR-US: PHProjekt CVE-2004-2739 (The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows ...) - TODO: check + NOT-FOR-US: PHProjekt CVE-2004-2738 (Cross-site scripting (XSS) vulnerability in check_user_id.php in ...) - TODO: check + NOT-FOR-US: Zero board CVE-2004-2737 (SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk ...) - TODO: check + NOT-FOR-US: NetSupport DNA HelpDesk CVE-2004-2736 (Polar HelpDesk 3.0 allows remote attackers to bypass authentication by ...) - TODO: check + NOT-FOR-US: Polar HelpDesk CVE-2004-2735 (Cross-site scripting (XSS) vulnerability in P4DB 2.01 and earlier ...) - TODO: check + NOT-FOR-US: P4DB CVE-2004-2734 (webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses ...) - TODO: check + NOT-FOR-US: Novell NetWare CVE-2004-2733 (Web Wiz Forums 7.7a uses invalid logic to determine user privileges, ...) - TODO: check + NOT-FOR-US: Web Wiz Forums CVE-2004-2732 (nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain ...) TODO: check CVE-2004-2731 (Multiple integer overflows in Sbus PROM driver ...) 
@@ -95,11 +101,6 @@ TODO: check CVE-2004-2726 (HTTPMail service in MailEnable Professional 1.18 does not properly ...) TODO: check -CVE-2007-XXXX - - libpng <not-affected> (vulnerable code not present) - NOTE: the version in Debian does not use strncpy to copy the buffer so this off-by-one - NOTE: is not present in this old version. Instead it allocates space for strlen(name)+1 - NOTE: and uses strcpy(new_iccp_name, name) which is not nice but safe CVE-2007-5261 (Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote ...) NOT-FOR-US: MultiCart CVE-2007-5260 (ASP-CMS 1.0 stores sensitive information under the web root with ...)
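Review bot: in the first hunk (@@ -38,49 +38,55 @@), the libpng <not-affected> entries for CVE-2007-5266 through CVE-2007-5269 do not record which Debian libpng version was inspected, although the NOTE under CVE-2007-5266 and CVE-2007-5267 ties the result to "this old version". Once the package moves to a release that copies the name with strncpy, that status is stale and nothing in the entry signals a re-check. Suggest adding the inspected version to the NOTE. CVE-2007-5268 and CVE-2007-5269 carry only "(vulnerable code not present in Debian version)"; a NOTE naming the absent code, as was done for the iCCP entries, would make that claim verifiable. Minor: "NOT-FOR-US: Battlefront" is used for three entries whose descriptions name "Battlefront Dropteam", while the other NOT-FOR-US lines in this hunk follow the wording of the description.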
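Review bot: in the second hunk (@@ -95,11 +101,6 @@), the CVE-2007-XXXX placeholder is removed, but the Log line does not say it was replaced by assigned ids. Its NOTE text reappears verbatim under both CVE-2007-5267 and CVE-2007-5266 in the first hunk, so a single temporary entry has become two. Suggest stating in the log message that the placeholder was resolved to those two ids so the entry's history can be followed.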