thr3ads.net - Secure testing commits - [Secure-testing-commits] r7259

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2007-Nov-09 21:14 UTC
[Secure-testing-commits] r7259 - data/CVE

Author: joeyh
Date: 2007-11-09 21:14:09 +0000 (Fri, 09 Nov 2007)
New Revision: 7259

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-11-09 14:56:32 UTC (rev 7258)
+++ data/CVE/list	2007-11-09 21:14:09 UTC (rev 7259)
@@ -1,3 +1,43 @@
+CVE-2007-5900
+	RESERVED
+CVE-2007-5899
+	RESERVED
+CVE-2007-5898
+	RESERVED
+CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3,
9iR1, ...)
+	TODO: check
+CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a
denial of ...)
+	TODO: check
+CVE-2007-5895
+	RESERVED
+CVE-2007-5894
+	RESERVED
+CVE-2006-7224 (Multiple integer overflows in Perl-Compatible Regular Expression
...)
+	TODO: check
+CVE-2004-2748 (viewreport.pl in NetIQ WebTrends Reporting Center Enterprise
Edition ...)
+	TODO: check
+CVE-2004-2747 (Directory traversal vulnerability in Pablo Software Solutions
Quick ''n ...)
+	TODO: check
+CVE-2004-2746 (SQL injection vulnerability in adminlogin.asp in XTREME ASP
Photo ...)
+	TODO: check
+CVE-2003-1536 (Multiple cross-site scripting (XSS) vulnerabilities in Codeworx
...)
+	TODO: check
+CVE-2003-1535 (Justice Guestbook 1.3 allows remote attackers to obtain the full
...)
+	TODO: check
+CVE-2003-1534 (Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice
...)
+	TODO: check
+CVE-2003-1533 (SQL injection vulnerability in accesscontrol.php in PhpPass 2
allows ...)
+	TODO: check
+CVE-2003-1532 (SQL injection vulnerability in compte.php in PhpMyShop 1.00
allows ...)
+	TODO: check
+CVE-2003-1531 (Cross-site scripting (XSS) vulnerability in testcgi.exe in
Lilikoi ...)
+	TODO: check
+CVE-2003-1530 (SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and
earlier ...)
+	TODO: check
+CVE-2003-1529 (Directory traversal vulnerability in Seagull Software Systems J
Walk ...)
+	TODO: check
+CVE-2003-1528 (nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users
to ...)
+	TODO: check
 CVE-2007-5893 (HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows
remote ...)
 	NOT-FOR-US: Sockets Library
 CVE-2007-5892 (Stack-based buffer overflow in the pdg2.dll ActiveX control in
...)
@@ -92,7 +132,7 @@
 	RESERVED
 CVE-2007-5847
 	RESERVED
-CVE-2007-5846 (The SNMP agent in net-snmp 5.4.1 and earlier allows remote
attackers ...)
+CVE-2007-5846 (The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows
remote ...)
 	- net-snmp 5.4.1~dfsg-1
 	NOTE: 5.4.1 already includes a fix by the upstream author
 CVE-2007-5845 (Directory traversal vulnerability in error.php in GuppY 4.6.3,
4.5.16, ...)
@@ -257,8 +297,8 @@
 	NOT-FOR-US: Globe7 soft phone client
 CVE-2007-5767 (Heap-based buffer overflow in the Client Trust application ...)
 	NOT-FOR-US: Geronimo Apache
-CVE-2007-5766
-	RESERVED
+CVE-2007-5766 (SQL injection vulnerability in okxLOV.jsp in Oracle E-Business
Suite ...)
+	TODO: check
 CVE-2007-5765
 	RESERVED
 CVE-2007-5764
@@ -1154,6 +1194,7 @@
 CVE-2003-1401 (login.php in php-Board 1.0 stores plaintext passwords in
$username.txt ...)
 	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2007-5589 (Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin
...)
+	{DSA-1403-1}
 	- phpmyadmin 4:2.11.1.2-1
 CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code
when ...)
 	NOT-FOR-US: Pligg CMS
@@ -1872,6 +1913,7 @@
 CVE-2007-5387 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: Pindorama
 CVE-2007-5386 (Cross-site scripting (XSS) vulnerability in scripts/setup.php in
...)
+	{DSA-1403-1}
 	- phpmyadmin 4:2.11.1.2-1 (unimportant; bug #446451) 
 	[sarge] - phpmyadmin <not-affected> (vulnerable script not present)
 CVE-2007-5385 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
@@ -3738,6 +3780,7 @@
 CVE-2007-4651 (Unspecified vulnerability in Adobe Connect Enterprise Server 6
allows ...)
 	NOT-FOR-US: Adobe Connect Enterprise Server
 CVE-2007-4650 (Multiple unspecified vulnerabilities in Gallery before 2.2.3
allow ...)
+	{DSA-1404-1}
 	- gallery2 2.2.3-1
 	[etch] - gallery2 <unfixed> (bug #441407)
 	NOTE: does not affect gallery 1.x (package ''gallery'')
@@ -4043,8 +4086,8 @@
 	RESERVED
 CVE-2007-4518
 	RESERVED
-CVE-2007-4517
-	RESERVED
+CVE-2007-4517 (Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA
...)
+	TODO: check
 CVE-2007-4516
 	RESERVED
 CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll
before ...)
Secure testing commits - Nov 2007 - r7259 - data/CVE

[Secure-testing-commits] r7259 - data/CVE
