Author: djoume-guest
Date: 2007-05-25 20:36:41 +0000 (Fri, 25 May 2007)
New Revision: 5921

Modified:
   data/CVE/list
Log:
- sun-java Image parser vulnerabilities
- NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-05-25 09:41:46 UTC (rev 5920)
+++ data/CVE/list       2007-05-25 20:36:41 UTC (rev 5921)
@@ -16,55 +16,58 @@
 CVE-2007-2794
        RESERVED
 CVE-2007-2793 (PHP remote file inclusion vulnerability in ImageImageMagick.php 
in ...)
-       TODO: check
+       - geeklog <itp> (bug #203818)
 CVE-2007-2792 (SQL injection vulnerability in index.php in the com_yanc 1.4 
beta ...)
-       TODO: check
+       NOT-FOR-US: com_yanc
+       NOTE: com_yanc component not in Mambo Debian package
 CVE-2007-2791 (Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 
UNIX ...)
-       TODO: check
+       NOT-FOR-US: HP Tru64
 CVE-2007-2790 (Cross-site scripting (XSS) vulnerability in shopcontent.asp in 
VP-ASP ...)
-       TODO: check
+       NOT-FOR-US: VP-ASP Shopping Cart
 CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before 
...)
-       TODO: check
+       - sun-java5 1.5.0-11-1 (medium)
+       - sun-java6 <unfixed> (bug #422403)
 CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in 
Sun Java ...)
-       TODO: check
+       - sun-java5 1.5.0-11-1 (medium)
+       - sun-java6 <unfixed> (bug #422403)
 CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the 
(1) ...)
-       TODO: check
+       NOT-FOR-US: LeadTools Raster Thumbnail Object Library
 CVE-2007-2786 (Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: ircd-ratbox
 CVE-2007-2785 (manage-admins.php in eSyndiCat Pro 1.x allows remote attackers 
to ...)
-       TODO: check
+       NOT-FOR-US: eSyndiCat Pro
 CVE-2007-2784 (Unspecified vulnerability in globus-job-manager in Globus 
Toolkit ...)
-       TODO: check
+       - globus <itp> (bug #142932)
 CVE-2007-2783 (Unspecified vulnerability in Rational Soft Hidden Administrator 
1.7 ...)
-       TODO: check
+       NOT-FOR-US: Rational Soft Hidden Administrator
 CVE-2007-2782 (Packeteer PacketShaper uses fixed increments in TCP initial 
sequence ...)
-       TODO: check
+       NOT-FOR-US: Packeteer PacketShaper
 CVE-2007-2781 (Cross-site scripting (XSS) vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: WikyBlog
 CVE-2007-2780 (PsychoStats 3.0.6b and earlier allows remote attackers to 
obtain ...)
-       TODO: check
+       NOT-FOR-US: PsychoStats
 CVE-2007-2779 (PHP remote file inclusion vulnerability in template_csv.php in 
...)
-       TODO: check
+       NOT-FOR-US: Libstats
 CVE-2007-2778 (Multiple directory traversal vulnerabilities in MolyX BOARD 
2.5.0 ...)
-       TODO: check
+       NOT-FOR-US: MolyX BOARD
 CVE-2007-2777 (Unrestricted file upload vulnerability in 
admin/addsptemplate.php in ...)
-       TODO: check
+       NOT-FOR-US: AlstraSoft Template Seller Pro
 CVE-2007-2776 (AlstraSoft Template Seller Pro 3.25 and earlier sends a 
redirect to ...)
-       TODO: check
+       NOT-FOR-US: AlstraSoft Template Seller Pro
 CVE-2007-2775 (AlstraSoft Live Support 1.21 sends a redirect to the web 
browser but ...)
-       TODO: check
+       NOT-FOR-US: AlstraSoft Live Support
 CVE-2007-2774 (Multiple PHP remote file inclusion vulnerabilities in SunLight 
CMS 5.3 ...)
-       TODO: check
+       NOT-FOR-US:  SunLight CMS
 CVE-2007-2773 (SQL injection vulnerability in 
plugins/mp3playlist/mp3playlist.php in ...)
-       TODO: check
+       NOT-FOR-US: Zomplog
 CVE-2007-2772 ((1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe 
(catirpc.dll and ...)
-       TODO: check
+       NOT-FOR-US: CA BrightStor Backup
 CVE-2007-2771 (Stack-based buffer overflow in the LEAD Technologies LeadTools 
JPEG ...)
-       TODO: check
+       NOT-FOR-US: LeadTools JPEG 2000
 CVE-2007-2770 (Stack-based buffer overflow in Eudora 7.1 allows user-assisted, 
remote ...)
-       TODO: check
+       NOT-FOR-US: Eudora
 CVE-2007-2769 (BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not 
properly ...)
-       TODO: check
+       NOT-FOR-US: OPeNDAP
 CVE-2007-2768 (OpenSSH, when using OPIE (One-Time Passwords in Everything) for 
PAM, ...)
        TODO: check
 CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 
(Hydrax) ...)
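Review bot: In the CVE-2007-2789 and CVE-2007-2788 entries, the two sun-java6 lines carry a bug reference but no urgency, while the sun-java5 lines directly above them are tagged (medium) for the same issue. If the severity assessment applies to both packages, record it on the unfixed one as well, for example "- sun-java6 <unfixed> (bug #422403; medium)", so the open entry is the one that gets prioritised. Two smaller points: the CVE-2007-2774 line "NOT-FOR-US:  SunLight CMS" has two spaces after the colon where every other NOT-FOR-US line has one, and the log message mentions only sun-java and NFUs although the hunk also adds <itp> entries for geeklog (CVE-2007-2793) and globus (CVE-2007-2784).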


_______________________________________________
Secure-testing-commits mailing list
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
