joeyh at alioth.debian.org
2007-Dec-13 21:14 UTC
[Secure-testing-commits] r7610 - data/CVE
Author: joeyh Date: 2007-12-13 21:14:11 +0000 (Thu, 13 Dec 2007) New Revision: 7610 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-13 09:49:59 UTC (rev 7609) +++ data/CVE/list 2007-12-13 21:14:11 UTC (rev 7610) @@ -1,3 +1,17 @@ +CVE-2007-6320 (Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does ...) + TODO: check +CVE-2007-6319 + RESERVED +CVE-2007-6318 (SQL injection vulnerability in wp-includes/query.php in WordPress ...) + TODO: check +CVE-2007-6317 (Multiple directory traversal vulnerabilities in BarracudaDrive Web ...) + TODO: check +CVE-2007-6316 (Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server ...) + TODO: check +CVE-2007-6315 (Group Chat in BarracudaDrive Web Server before 3.8 allows remote ...) + TODO: check +CVE-2007-6314 (BarracudaDrive Web Server before 3.8 allows remote attackers to read ...) + TODO: check CVE-2007-6313 RESERVED CVE-2007-6312 (Cross-site scripting (XSS) vulnerability in the logon page in Web ...) @@ -16,7 +30,7 @@ - libjfreechart-java <unfixed> (low; bug #456148) CVE-2007-6305 (Multiple unspecified vulnerabilities in IBM Hardware Management ...) NOT-FOR-US: IBM Hardware Management Console -CVE-2007-6302 (Unspecified vulnerability in Novell NetMail 3.5.2 before Messaging ...) +CVE-2007-6302 (Multiple heap-based buffer overflows in avirus.exe in Novell NetMail ...) NOT-FOR-US: Novell NetMail CVE-2007-6301 (Cross-site scripting (XSS) vulnerability in compose.php in ...) NOT-FOR-US: OpenNewsletter @@ -67,7 +81,7 @@ CVE-2007-6299 (Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x ...) - drupal5 5.5-1 - drupal 4.7.10-1 -CVE-2007-6321 [Roundcube webmail does not sanitize javascript expression calls in stylesheets] +CVE-2007-6321 (Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, ...) - roundcube <unfixed> (low; bug #455840) NOTE: http://seclists.org/bugtraq/2007/Dec/0107.html CVE-2007-6280 @@ -2159,7 +2173,7 @@ NOT-FOR-US: Miranda CVE-2007-5588 (Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 ...) - mnogosearch 3.3.4-4.1 (low; bug #447753) -CVE-2007-5587 (Buffer overflow in Macrovision SafeDisc secdrv.sys, as shipped in ...) +CVE-2007-5587 (Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as ...) NOT-FOR-US: Microsoft Windows CVE-2007-5586 REJECTED @@ -3052,22 +3066,22 @@ RESERVED CVE-2007-5352 RESERVED -CVE-2007-5351 - RESERVED -CVE-2007-5350 - RESERVED +CVE-2007-5351 (Unspecified vulnerability in Server Message Block Version 2 (SMBv2) ...) + TODO: check +CVE-2007-5350 (Unspecified vulnerability in the Windows Advanced Local Procedure Call ...) + TODO: check CVE-2007-5349 RESERVED CVE-2007-5348 RESERVED -CVE-2007-5347 - RESERVED +CVE-2007-5347 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...) + TODO: check CVE-2007-5346 RESERVED CVE-2007-5345 RESERVED -CVE-2007-5344 - RESERVED +CVE-2007-5344 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...) + TODO: check CVE-2007-5343 RESERVED CVE-2007-5342 @@ -6552,12 +6566,12 @@ - zoph 0.7.0.2-1 (bug #435711) CVE-2007-3904 RESERVED -CVE-2007-3903 - RESERVED -CVE-2007-3902 - RESERVED -CVE-2007-3901 - RESERVED +CVE-2007-3903 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...) + TODO: check +CVE-2007-3902 (Microsoft Internet Explorer 5.01 through 7 allows remote attackers to ...) + TODO: check +CVE-2007-3901 (Unspecified vulnerability in Microsoft DirectShow in Microsoft DirectX ...) + TODO: check CVE-2007-3900 RESERVED CVE-2007-3899 (Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, ...) @@ -6568,8 +6582,8 @@ NOT-FOR-US: Outlook Express CVE-2007-3896 (The URL handling in Shell32.dll in the Windows shell in Microsoft ...) NOT-FOR-US: Windows -CVE-2007-3895 - RESERVED +CVE-2007-3895 (Unspecified vulnerability in Microsoft DirectShow in Microsoft DirectX ...) + TODO: check CVE-2007-3894 RESERVED CVE-2007-3893 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 through ...) @@ -8691,8 +8705,8 @@ NOT-FOR-US: Microsoft CVE-2007-3040 (Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft ...) NOT-FOR-US: Windows -CVE-2007-3039 - RESERVED +CVE-2007-3039 (Buffer overflow in the Microsoft Message Queuing (MSMQ) service in ...) + TODO: check CVE-2007-3038 (The Teredo interface in Microsoft Windows Vista and Vista x64 Edition ...) NOT-FOR-US: Microsoft CVE-2007-3037 (Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote ...) @@ -16269,8 +16283,8 @@ RESERVED CVE-2007-0065 RESERVED -CVE-2007-0064 - RESERVED +CVE-2007-0064 (Unspecified vulnerability in Windows Media Format Runtime 7.1, 9, 9.5, ...) + TODO: check CVE-2007-0063 (Integer underflow in the DHCP server in EMC VMware Workstation before ...) - vmware-package 0.16 CVE-2007-0062 (Integer overflow in the DHCP server in EMC VMware Workstation before ...)