Author: fw
Date: 2007-06-16 09:51:35 +0000 (Sat, 16 Jun 2007)
New Revision: 6006
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-16 09:50:54 UTC (rev 6005)
+++ data/CVE/list 2007-06-16 09:51:35 UTC (rev 6006)
@@ -70,19 +70,19 @@
- glpi <unfixed> (bug #429192)
- wordpress <unfixed> (bug #429194)
CVE-2007-3214 (SQL injection vulnerability in style.php in e-Vision CMS 2.02
and ...)
- TODO: check
+ NOT-FOR-US: e-Vision CMS
CVE-2007-3213 (Multiple cross-site scripting (XSS) vulnerabilities in
comments.cgi in ...)
- TODO: check
+ NOT-FOR-US: Sporum Forum
CVE-2007-3212 (Multiple cross-site scripting (XSS) vulnerabilities in
links.php in ...)
- TODO: check
+ NOT-FOR-US: Beehive Forum
CVE-2007-3211 (Cross-site scripting (XSS) vulnerability in 404.php in Domain
...)
- TODO: check
+ NOT-FOR-US: Domain Technologie Control (DTC)
CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft
Tokens ...)
- TODO: check
+ NOT-FOR-US: Cellosoft Tokens Object
CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile
time, uses ...)
- mail-notification <unfixed> (low; bug #429200)
CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board
(YaBB) 2.1 ...)
- TODO: check
+ NOT-FOR-US: YaBB
CVE-2007-3207
RESERVED
CVE-2007-3206
@@ -91,47 +91,47 @@
- php4 <unfixed> (low)
- php5 <unfixed> (low)
CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network
...)
- TODO: check
+ NOT-FOR-US: Just For Fun Network Management System (JFFNMS)
CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service
in ...)
- TODO: check
+ NOT-FOR-US: 602Pro LAN SUITE
CVE-2007-3202 (Cross-site scripting (XSS) vulnerability in the rich text
editor in ...)
- TODO: check
+ NOT-FOR-US: Webwiz
CVE-2007-3201 (Visual truncation vulnerability in Windows Privacy Tray (WinPT)
1.2.0 ...)
- TODO: check
+ NOT-FOR-US: Windows Privacy Tray (WinPT)
CVE-2007-3200 (NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2
and ...)
- TODO: check
+ NOT-FOR-US: Novell
CVE-2007-3199 (Unrestricted file upload vulnerability in Link Request Contact
Form ...)
- TODO: check
+ NOT-FOR-US: Link Request Contact Form
CVE-2007-3198 (Cross-site scripting (XSS) vulnerability in comments.php in
Maran PHP ...)
- TODO: check
+ NOT-FOR-US: Maran PHP Blog
CVE-2007-3197 (SQL injection vulnerability in vBSupport.php in vBSupport 1.1
before ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2007-3196 (SQL injection vulnerability in vBSupport.php in vSupport
Integrated ...)
- TODO: check
+ NOT-FOR-US: VBulletin
CVE-2007-3195 (Cross-site scripting (XSS) vulnerability in index.php in ERFAN
WIKI ...)
- TODO: check
+ NOT-FOR-US: ERFAN WIKI
CVE-2007-3194 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: myBloggie
CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
- phpwiki <unfixed> (low; bug #429201)
CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System
(JFFNMS) ...)
- TODO: check
+ NOT-FOR-US: Just For Fun Network Management System (JFFNMS)
CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Just For Fun Network Management System (JFFNMS)
CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For
Fun ...)
- TODO: check
+ NOT-FOR-US: Just For Fun Network Management System (JFFNMS)
CVE-2007-3189 (Cross-site scripting (XSS) vulnerability in auth.php in Just
For Fun ...)
- TODO: check
+ NOT-FOR-US: Just For Fun Network Management System (JFFNMS)
CVE-2007-3188 (SQL injection vulnerability in down_indir.asp in Fullaspsite
GeometriX ...)
- TODO: check
+ NOT-FOR-US: Fullaspsite GeometriX Download Portal
CVE-2007-3187 (Multiple unspecified vulnerabilities in Apple Safari for
Windows allow ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-3186 (Apple Safari Beta 3.0.1 for Windows allows remote attackers to
execute ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-3185 (Apple Safari Beta 3.0.1 for Windows public beta allows remote
...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-3184 (Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS
X, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-3183
RESERVED
CVE-2007-3182
@@ -139,39 +139,39 @@
CVE-2007-3181 (Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1
allows ...)
TODO: check
CVE-2007-3180 (Buffer overflow in Help and Support Center before 4.4 C on HP
Windows ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2007-3179 (Multiple SQL injection vulnerabilities in archives.php in
Particle ...)
- TODO: check
+ NOT-FOR-US: Particle Blogger
CVE-2007-3178 (Multiple SQL injection vulnerabilities in Zindizayn Okul Web
Sistemi ...)
- TODO: check
+ NOT-FOR-US: Sistemi
CVE-2007-3177 (Ingate Firewall and SIParator before 4.5.2 allow remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Ingate Firewall / SIParator
CVE-2007-3176 (Unspecified vulnerability in Ingate Firewall and SIParator
before ...)
- TODO: check
+ NOT-FOR-US: Ingate Firewall / SIParator
CVE-2007-3175 (Multiple SQL injection vulnerabilities in W2B Online Banking
allow ...)
- TODO: check
+ NOT-FOR-US: W2B Online Banking
CVE-2007-3174 (Cross-site scripting (XSS) vulnerability in auth.w2b in W2B
Online ...)
- TODO: check
+ NOT-FOR-US: W2B Online Banking
CVE-2007-3173 (Almnzm allows remote attackers to obtain sensitive information
via an ...)
- TODO: check
+ NOT-FOR-US: Almnzm
CVE-2007-3172 (Directory traversal vulnerability in demo/pop3/error.php in
Uebimiau ...)
- TODO: check
+ NOT-FOR-US: UebiMiau
CVE-2007-3171 (Uebimiau Webmail allows remote attackers to obtain sensitive
...)
- TODO: check
+ NOT-FOR-US: UebiMiau
CVE-2007-3170 (Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau
...)
- TODO: check
+ NOT-FOR-US: Uebimiau
CVE-2007-3169 (Buffer overflow in a certain ActiveX control in the EDraw
Office ...)
- TODO: check
+ NOT-FOR-US: EDraw Office Viewer Component
CVE-2007-3168 (A certain ActiveX control in the EDraw Office Viewer Component
...)
- TODO: check
+ NOT-FOR-US: EDraw Office Viewer Component
CVE-2007-3167 (Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX
control ...)
- TODO: check
+ NOT-FOR-US: Vivotek
CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows
user-assisted, ...)
- TODO: check
+ NOT-FOR-US: Qualcomm Eudora
CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry
guard is ...)
- tor 0.1.2.14-1 (medium)
CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic
...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in
Frederico ...)
TODO: check
CVE-2007-3162 (Buffer overflow in the NotSafe function in the idaiehlp ActiveX
...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
