Author: nion Date: 2007-12-21 11:33:38 +0000 (Fri, 21 Dec 2007) New Revision: 7668 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-12-21 09:14:11 UTC (rev 7667) +++ data/CVE/list 2007-12-21 11:33:38 UTC (rev 7668) @@ -1,109 +1,110 @@ CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, ...) - TODO: check + NOT-FOR-US: Trend Micro ServerProtect CVE-2007-6506 (The HPRulesEngine.ContentCollection.1 ActiveX Control in ...) - TODO: check + NOT-FOR-US: HP Software Update CVE-2007-6505 (Solaris 9, with Solaris Auditing enabled and certain patches for sshd ...) - TODO: check + NOT-FOR-US: Solaris CVE-2007-6504 (Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6503 (Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6502 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6501 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6500 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6499 (Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6498 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6497 (Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6496 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6495 (inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6494 (Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2007-6493 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and ...) - TODO: check + NOT-FOR-US: iMesh CVE-2007-6492 (The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and ...) - TODO: check + NOT-FOR-US: iMesh CVE-2007-6491 (Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS ...) - TODO: check + NOT-FOR-US: Kvaliitti WebDoc CMS CVE-2007-6490 (Cross-site request forgery (CSRF) vulnerability in Falcon Series One ...) - TODO: check + NOT-FOR-US: Falcon Series One CMS CVE-2007-6489 (Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series ...) - TODO: check + NOT-FOR-US: Falcon Series One CMS CVE-2007-6488 (Multiple PHP remote file inclusion vulnerabilities in Falcon Series ...) - TODO: check + NOT-FOR-US: Falcon Series One CMS CVE-2007-6487 (Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 ...) - TODO: check + NOT-FOR-US: Plain Black WebGUI CVE-2007-6486 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka ...) - TODO: check + NOT-FOR-US: LineShout CVE-2007-6485 (Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 ...) - TODO: check + NOT-FOR-US: Centreon CVE-2007-6484 (SQL injection vulnerability in index.php in phpRPG 0.8 allows remote ...) - TODO: check + NOT-FOR-US: phpRPG CVE-2007-6483 (Directory traversal vulnerability in SafeNet Sentinel Protection ...) - TODO: check + NOT-FOR-US: SafeNet Sentinel Protection and Keys Server CVE-2007-6482 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...) - TODO: check + NOT-FOR-US: utdevmgrd in Sun Ray Server Software CVE-2007-6481 (Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in ...) - TODO: check + NOT-FOR-US: utdevmgrd in Sun Ray Server Software CVE-2007-6480 (The Oracle database component in Sun Management Center (Sun MC) 3.6.1, ...) - TODO: check + NOT-FOR-US: Oracle database component in Sun Management Center CVE-2007-6479 (Unrestricted file upload vulnerability in the "My productions" ...) - TODO: check + NOT-FOR-US: Dokeos CVE-2007-6478 (Stack-based buffer overflow in Rosoft Media Player 4.1.7 allows remote ...) - TODO: check + NOT-FOR-US: Rosoft Media Player CVE-2007-6477 (Cross-site scripting (XSS) vulnerability in the on-line help feature ...) - TODO: check + NOT-FOR-US: Citrix Web Interface and NFuse CVE-2007-6476 (GF-3XPLORER 2.4 allows remote attackers to obtain configuration ...) - TODO: check + NOT-FOR-US: GF-3XPLORER CVE-2007-6475 (Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow ...) - TODO: check + NOT-FOR-US: GF-3XPLORER CVE-2007-6474 (Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 ...) - TODO: check + NOT-FOR-US: GF-3XPLORER CVE-2007-6473 (Heap-based buffer overflow in Texas Imperial Software WFTPD Pro ...) - TODO: check + NOT-FOR-US: WFTPD Explorer Pro CVE-2007-6472 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 ...) - TODO: check + NOT-FOR-US: phpMyRealty CVE-2007-6471 (Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on ...) - TODO: check + NOT-FOR-US: phPay CVE-2007-6470 (phpRPG 0.8 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: phpRPG CVE-2007-6469 (SQL injection vulnerability in index.php in phpRPG 0.8, when ...) - TODO: check + NOT-FOR-US: phpRPG CVE-2007-6468 (Buffer overflow in the HuffDecode function in ...) - TODO: check + NOT-FOR-US: Hammer of Thyrion CVE-2007-6467 (SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows ...) - TODO: check + NOT-FOR-US: MKPortal CVE-2007-6466 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop ...) - TODO: check + NOT-FOR-US: FreeWebshop CVE-2007-6465 (Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in ...) - TODO: check + - ganglia-monitor-core <not-affected> (ganglia web-frontend not included) CVE-2007-6464 (Multiple PHP remote file inclusion vulnerabilities in Form tools ...) - TODO: check + NOT-FOR-US: Form tools CVE-2007-6463 (Multiple cross-site scripting (XSS) vulnerabilities in the admin panel ...) - TODO: check + NOT-FOR-US: PHP Real Estate Classifieds CVE-2007-6462 (SQL injection vulnerability in fullnews.php in PHP Real Estate ...) - TODO: check + NOT-FOR-US: PHP Real Estate Classifieds CVE-2007-6461 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: Flyspray CVE-2007-6460 (Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy ...) - TODO: check + NOT-FOR-US: Anon Proxy Server CVE-2007-6459 (Anon Proxy Server 0.100, and probably 0.101, allows remote attackers ...) - TODO: check + NOT-FOR-US: Anon Proxy Server CVE-2007-6458 (SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 ...) - TODO: check + NOT-FOR-US: 123tkShop CVE-2007-6457 (Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 ...) - TODO: check + NOT-FOR-US: NetWin SurgeMail 38k4 CVE-2007-6456 (Unspecified vulnerability in OpenOffice.org code in Planamesa ...) TODO: check CVE-2007-6455 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: Mambo + NOTE: Mambo is in experimental CVE-2007-6454 (Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp ...) TODO: check CVE-2007-6453 (Directory traversal vulnerability in raidenhttpd-admin/workspace.php ...)