joeyh at alioth.debian.org
2007-Dec-28 21:14 UTC
[Secure-testing-commits] r7745 - data/CVE
Author: joeyh
Date: 2007-12-28 21:14:13 +0000 (Fri, 28 Dec 2007)
New Revision: 7745
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================
--- data/CVE/list 2007-12-28 17:22:44 UTC (rev 7744)
+++ data/CVE/list 2007-12-28 21:14:13 UTC (rev 7745)
@@ -1,3 +1,83 @@
+CVE-2007-6564 (Cross-site scripting (XSS) vulnerability in admin.php in Limbo
CMS ...)
+ TODO: check
+CVE-2007-6563 (Heap-based buffer overflow in WinAce 2.65 and earlier, and
possibly ...)
+ TODO: check
+CVE-2007-6562 (Multiple stack-based buffer overflows in the use of FD_SET in
TCPreen ...)
+ TODO: check
+CVE-2007-6561 (Multiple stack-based buffer overflows in PDFLib allow
user-assisted ...)
+ TODO: check
+CVE-2007-6560 (Multiple cross-site scripting (XSS) vulnerabilities in Logaholic
allow ...)
+ TODO: check
+CVE-2007-6559 (Multiple SQL injection vulnerabilities in Logaholic allow remote
...)
+ TODO: check
+CVE-2007-6558 (TotalPlayer 3.0 allows user-assisted remote attackers to cause a
...)
+ TODO: check
+CVE-2007-6557 (Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow
remote ...)
+ TODO: check
+CVE-2007-6556 (Multiple SQL injection vulnerabilities in websihirbazi 5.1.1
allow ...)
+ TODO: check
+CVE-2007-6555 (PHP remote file inclusion vulnerability in
modules/mod_pxt_latest.php ...)
+ TODO: check
+CVE-2007-6554 (Multiple directory traversal vulnerabilities in TeamCal Pro
3.1.000 ...)
+ TODO: check
+CVE-2007-6553 (Multiple PHP remote file inclusion vulnerabilities in TeamCal
Pro ...)
+ TODO: check
+CVE-2007-6552 (Directory traversal vulnerability in index.php in AuraCMS 2.2
allows ...)
+ TODO: check
+CVE-2007-6551 (SQL injection vulnerability in showMsg.php in MailMachine Pro
2.2.4 ...)
+ TODO: check
+CVE-2007-6550 (form.php in PMOS Help Desk 2.4 and earlier sends a redirect to
the web ...)
+ TODO: check
+CVE-2007-6549 (Unspecified vulnerability in RunCMS before 1.6.1 has unknown
impact ...)
+ TODO: check
+CVE-2007-6548 (Multiple direct static code injection vulnerabilities in RunCMS
before ...)
+ TODO: check
+CVE-2007-6547 (RunCMS before 1.6.1 does not require entry of the old password
during ...)
+ TODO: check
+CVE-2007-6546 (RunCMS before 1.6.1 uses a predictable session id, which makes
it ...)
+ TODO: check
+CVE-2007-6545 (Multiple cross-site scripting (XSS) vulnerabilities in RunCMS
before ...)
+ TODO: check
+CVE-2007-6544 (Multiple SQL injection vulnerabilities in RunCMS before 1.6.1
allow ...)
+ TODO: check
+CVE-2007-6543 (SQL injection vulnerability in suggest-link.php in eSyndiCat
Link ...)
+ TODO: check
+CVE-2007-6542 (PHP remote file inclusion vulnerability in
admin/frontpage_right.php ...)
+ TODO: check
+CVE-2007-6541 (Multiple cross-site scripting (XSS) vulnerabilities in neuron
news 1.0 ...)
+ TODO: check
+CVE-2007-6540 (SQL injection vulnerability in neuron news 1.0 allows remote
attackers ...)
+ TODO: check
+CVE-2007-6539 (PHP local file inclusion vulnerability in index.php in IDevspot
...)
+ TODO: check
+CVE-2007-6538 (SQL injection vulnerability in
ing/blocks/mrbs/code/web/view_entry.php ...)
+ TODO: check
+CVE-2007-6537 (Stack-based buffer overflow in the zfile_gunzip function in
zfile.c in ...)
+ TODO: check
+CVE-2007-6536 (The Custom Button Installer dialog in Google Toolbar 4 and 5
beta ...)
+ TODO: check
+CVE-2007-6535 (Buffer overflow in the YShortcut ActiveX control in
YShortcut.dll ...)
+ TODO: check
+CVE-2007-6534 (Multiple unspecified vulnerabilities in Microsoft Office
Publisher ...)
+ TODO: check
+CVE-2007-6533 (Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows
...)
+ TODO: check
+CVE-2007-6532
+ RESERVED
+CVE-2007-6531
+ RESERVED
+CVE-2007-6530 (Buffer overflow in the XUpload.ocx ActiveX control in Persits
Software ...)
+ TODO: check
+CVE-2007-6529 (Multiple unspecified vulnerabilities in TikiWiki before 1.9.9
have ...)
+ TODO: check
+CVE-2007-6528 (Directory traversal vulnerability in tiki-listmovies.php in
TikiWiki ...)
+ TODO: check
+CVE-2007-6527 (uploadimg.php in the Automatic Image Upload with Thumbnails ...)
+ TODO: check
+CVE-2007-6526 (Cross-site scripting (XSS) vulnerability in
tiki-special_chars.php in ...)
+ TODO: check
+CVE-2007-6525 (Unspecified vulnerability in eClient in IBM DB2 Content Manager
(CM) ...)
+ TODO: check
CVE-2007-6524 (Opera before 9.25 allows remote attackers to obtain potentially
...)
NOT-FOR-US: Opera
CVE-2007-6523 (Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x
before ...)
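Review bot: The 38 described entries added at the top of the file (CVE-2007-6564 down to CVE-2007-6525, excluding the two RESERVED ids) all carry only `TODO: check`, so this commit records the names but no triage. Several look like candidates for the NOT-FOR-US form already used in the context lines for CVE-2007-6524 (`NOT-FOR-US: Opera`), for example the ActiveX controls in CVE-2007-6535 and CVE-2007-6530 and Microsoft Office Publisher in CVE-2007-6534. Others, such as TikiWiki (CVE-2007-6529, CVE-2007-6528) and PDFLib (CVE-2007-6561), need a check against the archive before they are marked either way. A follow-up commit should replace each TODO with a package line or a NOT-FOR-US line.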
@@ -163,6 +243,7 @@
NOT-FOR-US: Mambo
NOTE: Mambo is in experimental
CVE-2007-6454 (Heap-based buffer overflow in the handshakeHTTP function in
servhs.cpp ...)
+ {DSA-1441-1}
- peercast 0.1218+svn20071220+2 (medium; bug #457300)
CVE-2007-6453 (Directory traversal vulnerability in
raidenhttpd-admin/workspace.php ...)
NOT-FOR-US: RaidenHTTPD
@@ -391,6 +472,7 @@
CVE-2007-6382 (The Event Dispatch Thread in Robocode before 1.5.1 allows remote
...)
NOT-FOR-US: Robocode
CVE-2007-6381 (SQL injection vulnerability in the indexed_search system
extension in ...)
+ {DSA-1439-1}
- typo3-src 4.1.4-1 (low; bug #457446)
NOTE: you need to be a logged in backend user to exploit this
CVE-2007-6380 (Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08,
and ...)
@@ -3627,8 +3709,8 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5343
RESERVED
-CVE-2007-5342
- RESERVED
+CVE-2007-5342 (The default catalina.policy in the JULI logging component in
Apache ...)
+ TODO: check
CVE-2007-5341
RESERVED
CVE-2007-5340 (Multiple vulnerabilities in the Javascript engine in Mozilla
Firefox ...)
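Review bot: CVE-2007-5342 moves from RESERVED to a description with only `TODO: check`, and the description names `catalina.policy`, which is the Tomcat security policy file, so the check should be made against the tomcat source packages rather than left generic. Suggest replacing the TODO with the affected package line(s) once it is confirmed whether the packaged default policy matches the one described.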
@@ -4468,6 +4550,7 @@
- bugzilla <not-affected> (Vulnerable code not present in the version we
ship)
TODO: check when newer upstream version enters the pool (> 2.22.1-2.2)
CVE-2007-5037 (Buffer overflow in the inotifytools_snprintf function in ...)
+ {DSA-1440-1}
- inotify-tools 3.11-1 (medium; bug #443913)
CVE-2007-5036 (Multiple buffer overflows in the AirDefense Airsensor M520 with
...)
NOT-FOR-US: AirDefense firmware
@@ -5811,12 +5894,13 @@
CVE-2007-4477 (The administration interface in the Planet VC-200M VDSL2 router
allows ...)
NOT-FOR-US: Planet VC-200M VDSL2 router
CVE-2007-4476 (Buffer overflow in the safer_name_suffix function in GNU tar has
...)
+ {DSA-1438-1}
- tar 1.18-1 (low; bug #441444)
- cpio 2.9-5 (low; bug #449222)
CVE-2007-4475
RESERVED
-CVE-2007-4474
- RESERVED
+CVE-2007-4474 (Multiple stack-based buffer overflows in the IBM Lotus Domino
Web ...)
+ TODO: check
CVE-2007-4473 (Gesytec Easylon OPC Server before 2.3.44 does not properly
validate ...)
NOT-FOR-US: Gesytec Easylon OPC Server
CVE-2007-4472 (Multiple buffer overflows in the Broderbund Expressit
3DGreetings ...)
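Review bot: `{DSA-1438-1}` is added to CVE-2007-4476, whose entry lists both `tar 1.18-1` and `cpio 2.9-5`, while the same DSA tag on CVE-2007-4131 later in this diff sits on a tar-only entry. If the advisory covers only tar, add a NOTE under CVE-2007-4476 saying cpio is not covered by it, so the tag is not read as closing the cpio line as well. In the same hunk, CVE-2007-4474 (IBM Lotus Domino Web ...) gets `TODO: check` and looks like a NOT-FOR-US candidate.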
@@ -6606,6 +6690,7 @@
CVE-2007-4132 (Unspecified vulnerability in Red Hat Network Satellite Server
5.0.0 ...)
NOT-FOR-US: Red Hat Satellite Server
CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot
function in ...)
+ {DSA-1438-1}
- tar 1.18-2 (medium; bug #439335)
CVE-2007-4130
RESERVED