joeyh at alioth.debian.org
2007-Nov-13 21:14 UTC
[Secure-testing-commits] r7296 - data/CVE
Author: joeyh Date: 2007-11-13 21:14:11 +0000 (Tue, 13 Nov 2007) New Revision: 7296 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-13 16:08:57 UTC (rev 7295) +++ data/CVE/list 2007-11-13 21:14:11 UTC (rev 7296) 
@@ -1,3 +1,67 @@ +CVE-2007-5932 (Multiple cross-site scripting (XSS) vulnerabilities in Fatwire Content ...) + TODO: check +CVE-2007-5931 (The reDirect function in lib/controllers/RepViewController.php in ...) + TODO: check +CVE-2007-5930 (Cross-site scripting (XSS) vulnerability in the web interface in ...) + TODO: check +CVE-2007-5929 (Buffer overflow in OpenBase 10.0.5 and earlier might allow remote ...) + TODO: check +CVE-2007-5928 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...) + TODO: check +CVE-2007-5927 (Directory traversal vulnerability in OpenBase 10.0.5 and earlier ...) + TODO: check +CVE-2007-5926 (OpenBase 10.0.5 and earlier allows remote authenticated users to ...) + TODO: check +CVE-2007-5925 (The convert_search_mode_to_innobase function in ha_innodb.cc in the ...) + TODO: check +CVE-2007-5924 (Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task ...) + TODO: check +CVE-2007-5923 (Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in ...) + TODO: check +CVE-2007-5922 (The modules/mdop.m in the Cypress 1.0k script for BitchX, as ...) + TODO: check +CVE-2007-5921 (Unspecified vulnerability in the ioctl interface in the Solaris Volume ...) + TODO: check +CVE-2007-5920 (index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote ...) + TODO: check +CVE-2007-5919 (MyWebFTP stores sensitive information under the web root with ...) + TODO: check +CVE-2007-5918 (Cross-site request forgery (CSRF) vulnerability in edit.php in the MS ...) + TODO: check +CVE-2007-5917 (Cross-site request forgery (CSRF) vulnerability in ...) + TODO: check +CVE-2007-5916 (SQL injection vulnerability in the login page in phphelpdesk 0.6.16 ...) + TODO: check +CVE-2007-5915 (Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 ...) + TODO: check +CVE-2007-5914 (Direct static code injection vulnerability in ...) 
+ TODO: check +CVE-2007-5913 (dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not ...) + TODO: check +CVE-2007-5912 (SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote ...) + TODO: check +CVE-2007-5911 (Multiple stack-based buffer overflows in the AxMetaStream ActiveX ...) + TODO: check +CVE-2007-5910 (Stack-based buffer overflow in Autonomy (formerly Verity) KeyView ...) + TODO: check +CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...) + TODO: check +CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...) + TODO: check +CVE-2007-5907 (Xen 3.1.1 does not prevent modification of the CR4 TSC from ...) + TODO: check +CVE-2007-5906 (Xen 3.1.1 allows virtual guest system users to cause a denial of ...) + TODO: check +CVE-2007-5905 + RESERVED +CVE-2007-5904 (Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and ...) + TODO: check +CVE-2007-5903 + RESERVED +CVE-2007-5902 + RESERVED +CVE-2007-5901 + RESERVED CVE-2007-XXXX [Incorrect input from client can lead to remote DoS in pioneers server] - pioneers <unfixed> (bug #449541) CVE-2007-5900 @@ -480,7 +544,7 @@ CVE-2002-2365 (Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-2007-5740 (The format string protection mechanism in IMAPD for Perdition Mail ...) - {DSA-1398-1} + {DSA-1398-1 DTSA-84-1} - perdition 1.17.1-1 (medium; bug #448853) CVE-2007-5751 (Liferea before 1.4.6 uses weak permissions (0644) for the ...) - liferea 1.4.6-1 (low; bug #448850) 
@@ -1732,7 +1796,7 @@ NOTE: CVE-2007-5414, mailed mitre CVE-2007-5414 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...) - iceweasel 2.0+dfsg-1 -CVE-2007-5413 (Unspecified vulnerability in httpd.tkd in HP OpenView Configuration ...) +CVE-2007-5413 (httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView ...) NOT-FOR-US: HP OpenView CVE-2007-5412 (Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 ...) NOT-FOR-US: Joomla! extension @@ -1766,8 +1830,8 @@ RESERVED CVE-2007-5397 RESERVED -CVE-2007-5396 - RESERVED +CVE-2007-5396 (Format string vulnerability in the ext_yahoo_contact_added function in ...) + TODO: check CVE-2007-5395 (Stack-based buffer overflow in the separate_word function in ...) - link-grammar 4.2.5-1 (medium; bug #450695) CVE-2007-5394 @@ -3955,8 +4019,8 @@ NOTE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600 NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212 NOTE: very easy to exploit locally -CVE-2007-4570 - RESERVED +CVE-2007-4570 (Algorithmic complexity vulnerability in the MCS translation daemon in ...) + TODO: check CVE-2007-4569 (backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is ...) {DSA-1376-1 DTSA-60-1} - kdebase 4:3.5.7-4
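Review bot: In the @@ -1,3 +1,67 @@ hunk every newly described entry is added as TODO: check with nothing to order the triage, although several summaries name components a distribution is likely to package: CVE-2007-5904 (CIFS VFS in Linux kernel 2.6.23), CVE-2007-5908 (sysfs_show_available_clocksources), CVE-2007-5906 and CVE-2007-5907 (Xen 3.1.1), and CVE-2007-5925 (ha_innodb.cc). Suggest resolving those first with a package line, status and bug reference in the same form as the "- pioneers <unfixed> (bug #449541)" entry in the trailing context. The remaining entries can then be tagged in the NOT-FOR-US form seen in the later hunks where no package applies.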
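Review bot: In the @@ -1732,7 +1796,7 @@ hunk the CVE-2007-5413 summary is rewritten from "Unspecified vulnerability in httpd.tkd in HP OpenView Configuration ..." to one naming Radia Integration Server, while the "NOT-FOR-US: HP OpenView" line under it is carried over unchanged. The tag still matches, since the new text remains under HP OpenView, but an automatic summary rewrite above a manual triage decision deserves a recheck whenever the product named in the summary changes.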
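Review bot: In the @@ -1766,8 +1830,8 @@ hunk CVE-2007-5396 moves from RESERVED to "TODO: check", and the truncated summary shows only the function name ext_yahoo_contact_added, not the affected product. Suggest reading the full CVE description to identify the package that ships that function before tagging. A format string issue should get a package line with urgency and bug number, as the neighbouring CVE-2007-5395 entry has ("- link-grammar 4.2.5-1 (medium; bug #450695)").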
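Review bot: In the @@ -3955,8 +4019,8 @@ hunk CVE-2007-4570 changes from RESERVED to "TODO: check" with a summary cut off after "the MCS translation daemon in ...", so the affected package and versions are not visible in the list entry. Suggest recording the source package and fixed version once identified. Note that the "NOTE: very easy to exploit locally" line in the leading context belongs to the preceding entry, not to CVE-2007-4570, and should not be read as a severity statement for it.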