Author: enerv-guest
Date: 2007-02-04 22:24:11 +0100 (Sun, 04 Feb 2007)
New Revision: 5411

Modified:
   data/CVE/list
Log:
CVE-2007-0640 zabbix unfixed.
CVE-2007-0664 thttpd not-affected.
CVE-2007-0650 tetex-bin unfixed.
some NFUs.



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-02-04 21:14:25 UTC (rev 5410)
+++ data/CVE/list       2007-02-04 21:24:11 UTC (rev 5411)
@@ -4,11 +4,11 @@
 CVE-2007-XXXX [ejabberd unspecified vulnerability in mod_roster_odbc]
        - ejabberd 1.1.2-5
 CVE-2007-0688 (SQL injection vulnerability in oku.asp in Hunkaray Duyuru 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: Hunkaray Duyuru Scripti
 CVE-2007-0687 (SQL injection vulnerability in i-search.php in Michelle's L2J 
Dropcalc ...)
-       TODO: check
+       NOT-FOR-US: L2J Dropcalc
 CVE-2007-0686 (The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 
(w29n51.sys) ...)
-       TODO: check
+       NOT-FOR-US: Intel 2200BG Cards drive.
 CVE-2007-0685 (Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 
and ...)
        NOT-FOR-US: Internet Explorer
 CVE-2007-0684 (PHP remote file inclusion vulnerability in portal.php in 
Cerulean ...)
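Review bot: the new label for CVE-2007-0686, "NOT-FOR-US: Intel 2200BG Cards drive.", has a typo ("drive") and a trailing period that the other NOT-FOR-US lines in this hunk do not use. Since the description names the driver file, something like "NOT-FOR-US: Intel 2200BG driver (w29n51.sys)" would state the reason and stay consistent with the neighbouring entries.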
@@ -34,27 +34,28 @@
 CVE-2007-0674 (Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 
2003 and ...)
        NOT-FOR-US: Windows Mobile
 CVE-2007-0673 (LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & 
Desktops ...)
-       TODO: check
+       NOT-FOR-US: (CA) BrightStor
 CVE-2007-0672 (LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote 
attackers ...)
-       TODO: check
+       NOT-FOR-US: (CA) BrightStor
 CVE-2007-0671 (Unspecified vulnerability in Microsoft Excel 2000, XP, and 2003 
allows ...)
        NOT-FOR-US: Microsoft Excel
 CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.3 allows local 
users to ...)
-       TODO: check
+       NOT-FOR-US: IBM AIX
 CVE-2007-0669
        RESERVED
 CVE-2007-0668 (The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local 
users in ...)
-       TODO: check
+       NOT-FOR-US: Sun Solaris.
 CVE-2007-0667 (Unspecified vulnerability in (1) LedgerSMB before 1.1.5 and (2) 
...)
-       TODO: check
+       - sql-ledger <unfixed> (bug #409703; )
 CVE-2007-0666 (Ipswitch WS_FTP Server 5.04 allows attackers to execute 
arbitrary code ...)
-       TODO: check
+       NOT-FOR-US: WS_FTP Server
 CVE-2007-0665 (Format string vulnerability in the SCP module in Ipswitch 
WS_FTP 2007 ...)
-       TODO: check
+       NOT-FOR-US: WS_FTP Server
 CVE-2007-0664 (thttpd before 2.25b-r6 in Gentoo Linux is started from the 
system root ...)
-       TODO: check
+       - thttpd <not-affected>
+       NOTE: In accordance with Debian Policy is not possible start Webserver 
in root directory (/).
 CVE-2007-0663 (SQL injection vulnerability in index.php in Eclectic Designs 
...)
-       TODO: check
+       NOT-FOR-US: Eclectic Designs CascadianFAQ
 CVE-2007-0662 (PHP remote file inclusion vulnerability in ...)
        TODO: check
 CVE-2007-0661 (Intel Enterprise Southbridge 2 Baseboard Management Controller 
(BMC), ...)
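Review bot: the CVE-2007-0667 entry ends with "(bug #409703; )", leaving a stray "; " inside the parentheses where the zabbix entry in this same commit uses the plain "(bug #409257)" form; drop it so bug references stay uniform. The description lists (1) LedgerSMB next to a truncated item (2), but only sql-ledger gets a package line, so a NOTE saying whether LedgerSMB needs tracking would close that gap. The NOTE under CVE-2007-0664 is hard to parse as written; a wording such as "NOTE: Debian Policy does not allow starting the web server in the root directory (/)" reads more clearly, and "Sun Solaris." here has a trailing period that the Sun Solaris entry for CVE-2007-0634 does not.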
@@ -80,29 +81,29 @@
 CVE-2007-0651
        RESERVED
 CVE-2007-0650 (Buffer overflow in the open_sty function in mkind.c for 
makeindex 2.14 ...)
-       TODO: check
+       - tetex-bin <unfixed> 
 CVE-2007-0649 (Variable overwrite vulnerability in interface/globals.php in 
OpenEMR ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2007-0648 (Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, 
with voice ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2007-0647 (Format string vulnerability in Help Viewer 3.0.0 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: AppleKit
 CVE-2007-0646 (Format string vulnerability in iMovie HD 6.0.3 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: iMovie
 CVE-2007-0645 (Format string vulnerability in iPhoto 6.0.5 allows remote ...)
-       TODO: check
+       NOT-FOR-US: iPhoto
 CVE-2007-0644 (Format string vulnerability in Apple Safari 2.0.4 (419.3) 
allows ...)
-       TODO: check
+       NOT-FOR-US: Apple Safari
 CVE-2007-0643 (Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows 
...)
-       TODO: check
+       NOT-FOR-US: Bloodshed Dev-C++ 
 CVE-2007-0642 (SQL injection vulnerability in tForum 2.00 in the Raymond 
BERTHOU ...)
-       TODO: check
+       NOT-FOR-US: Raymond BERTHOU script collection
 CVE-2007-0641 (Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 
0.6.4.0 ...)
-       TODO: check
+       NOT-FOR-US: Shaffer Solutions (SSC)
 CVE-2007-0640 (Buffer overflow in ZABBIX before 1.1.5 has unknown impact and 
attack ...)
-       TODO: check
+       - zabbix <unfixed> (bug #409257)
 CVE-2007-0639 (Multiple static code injection vulnerabilities in error.php in 
GuppY ...)
-       TODO: check
+       NOT-FOR-US: GuppY
 CVE-2007-0638 (show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote 
attackers ...)
        TODO: check
 CVE-2007-0637 (Directory traversal vulnerability in zd_numer.php in Galeria 
Zdjec 3.0 ...)
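Review bot: "- tetex-bin <unfixed>" for CVE-2007-0650 carries no bug reference, while the other unfixed entries in this commit (zabbix, sql-ledger) do; add the bug number if one is filed, and drop the trailing space on that line and on the Bloodshed Dev-C++ line. The label "NOT-FOR-US: AppleKit" for CVE-2007-0647 does not match the product in the description (Help Viewer 3.0.0); naming Help Viewer would keep it in line with the iMovie, iPhoto and Apple Safari entries below it. Likewise, "Shaffer Solutions (SSC)" for CVE-2007-0641 names a vendor where the description only shows dapcnfsd.dll, so adding the product would make the entry easier to search for.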
@@ -110,9 +111,9 @@
 CVE-2007-0636 (Unspecified vulnerability in inotify before 0.3.5 has unknown 
impact ...)
        TODO: check
 CVE-2007-0635 (Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 
0.3.6 ...)
-       TODO: check
+       NOT-FOR-US: EncapsCMS
 CVE-2007-0634 (Unspecified vulnerability in Sun Solaris 10 before 20070130 
allows ...)
-       TODO: check
+       NOT-FOR-US: Sun Solaris
 CVE-2007-XXXX [kaya buffer overflow, cross-site scripting and data leak]
        - kaya 0.2.0-6 (bug #409062)
 CVE-2007-XXXX [file descriptor leak when a Compose file uses the "include" 
directive]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits