Author: micah
Date: 2007-06-25 07:35:56 +0000 (Mon, 25 Jun 2007)
New Revision: 6057
Modified:
data/CVE/list
Log:
bunch of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-25 04:02:13 UTC (rev 6056)
+++ data/CVE/list 2007-06-25 07:35:56 UTC (rev 6057)
@@ -8,85 +8,85 @@
CVE-2007-3370 (Multiple PHP remote file inclusion vulnerabilities in Sun Board
...)
TODO: check
CVE-2007-3369 (Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with
...)
- TODO: check
+ NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
CVE-2007-3368 (Buffer overflow in the HTTP server on the Polycom SoundPoint IP
601 ...)
- TODO: check
+ NOT-FOR-US: Polycom SoundPoint IP 601 SIP phone
CVE-2007-3367 (Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x
before ...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2007-3366 (Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper
...)
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2007-3365 (MyServer 0.8.9 and earlier does not properly handle uppercase
...)
- TODO: check
+ NOT-FOR-US: MyServer
CVE-2007-3364 (Cross-site scripting (XSS) vulnerability in the
cgi-bin/post.mscgi ...)
- TODO: check
+ NOT-FOR-US: MyServer
CVE-2007-3363 (Multiple unspecified vulnerabilities in ageet AGEphone before
1.6.3 ...)
- TODO: check
+ NOT-FOR-US: AGEphone
CVE-2007-3362 (ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the
HTC ...)
- TODO: check
+ NOT-FOR-US: AGEphone
CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015]
allows ...)
- TODO: check
+ NOT-FOR-US: Nortel PC Client SIP Soft Phone
CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute
...)
TODO: check
CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb
0.9.6 and ...)
- TODO: check
+ NOT-FOR-US: SerWeb
CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php
in ...)
- TODO: check
+ NOT-FOR-US: SerWeb
CVE-2007-3357 (NetClassifieds Premium Edition does not use encryption for (1)
stored ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3356 (NetClassifieds Premium Edition allows remote attackers to
obtain ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3355 (Multiple cross-site scripting (XSS) vulnerabilities in
NetClassifieds ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3354 (Multiple SQL injection vulnerabilities in NetClassifieds
Premium ...)
- TODO: check
+ NOT-FOR-US: NetClassifieds Premium Edition
CVE-2007-3353 (** DISPUTED ** ...)
TODO: check
CVE-2007-3352 (Cross-site scripting (XSS) vulnerability in the preview form in
...)
- TODO: check
+ NOT-FOR-US: Stephen Ostermiller Contact Form
CVE-2007-3351 (The SJPhone SIP soft phone 1.60.303c, when installed on the
Dell Axim ...)
TODO: check
CVE-2007-3350 (AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows
remote ...)
- TODO: check
+ NOT-FOR-US: AIM
CVE-2007-3349 (The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot
version ...)
- TODO: check
+ NOT-FOR-US: Aastra 9112i SIP Phone
CVE-2007-3348 (The D-Link DPH-540/DPH-541 phone allows remote attackers to
cause a ...)
- TODO: check
+ NOT-FOR-US: D-Link DPH-540/DPH-541 phone
CVE-2007-3347 (The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages
that are ...)
- TODO: check
+ NOT-FOR-US: D-Link DPH-540/DPH-541 phone
CVE-2007-3346 (Directory traversal vulnerability in index.php in PHPAccounts
0.5 ...)
- TODO: check
+ NOT-FOR-US: PHPAccounts
CVE-2007-3345 (Multiple SQL injection vulnerabilities in index.php in
PHPAccounts 0.5 ...)
- TODO: check
+ NOT-FOR-US: PHPAccounts
CVE-2007-3344 (Multiple cross-site scripting (XSS) vulnerabilities in
netjukebox ...)
- TODO: check
+ NOT-FOR-US: netjukebox
CVE-2007-3343 (Cross-site scripting (XSS) vulnerability in RaidenHTTPD before
2.0.14 ...)
- TODO: check
+ NOT-FOR-US: RaidenHTTPD
CVE-2007-3342 (Multiple cross-site scripting (XSS) vulnerabilities in Movable
Type ...)
TODO: check
CVE-2007-3341 (Unspecified vulnerability in the FTP implementation in
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-3340 (HTTP SERVER 1.6.2 allows remote attackers to cause a denial of
service ...)
TODO: check
CVE-2007-3339 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2007-3338 (Multiple buffer stack-based overflows in Ingres database server
2006 ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3337 (wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5,
as used ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3336 (Multiple "pointer overwrite" vulnerabilities in
Ingres database server ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3335 (Multiple SQL injection vulnerabilities in the admin panel in
PHPEcho ...)
- TODO: check
+ NOT-FOR-US: PHPEcho CMS
CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications
Server ...)
- TODO: check
+ NOT-FOR-US: Ingres
CVE-2007-3333
RESERVED
CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel
Lite for ...)
TODO: check
CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp
EasyNews PRO ...)
- TODO: check
+ NOT-FOR-US: STphp EasyNews PRO
CVE-2007-3330 (Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO
4.0 ...)
- TODO: check
+ NOT-FOR-US: STphp EasyNews PRO
CVE-2007-3329 (Multiple array index errors in the (1) get_intra_block, (2) ...)
TODO: check
CVE-2007-3328 (Multiple cross-site scripting (XSS) vulnerabilities in Interact
2.4 ...)
@@ -94,13 +94,13 @@
CVE-2007-3327 (httpsv.exe in HTTP Server 1.6.2 allows remote attackers to
obtain ...)
TODO: check
CVE-2007-3326 (Multiple directory traversal vulnerabilities in vBulletin 3.x.x
allow ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2007-3325 (PHP remote file inclusion vulnerability in lib/language.php in
LAN ...)
TODO: check
CVE-2007-3324 (Multiple cross-site scripting (XSS) vulnerabilities in Comersus
Cart ...)
- TODO: check
+ NOT-FOR-US: Comersus Cart
CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp
in ...)
- TODO: check
+ NOT-FOR-US: Comersus Shop Cart
CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow
remote ...)
TODO: check
CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote
...)
@@ -133,17 +133,17 @@
CVE-2007-3311 (SQL injection vulnerability in print.php in the Articles 1.02
and ...)
NOT-FOR-US: Articles
CVE-2007-3310 (Cross-site scripting (XSS) vulnerability in arama.asp in TDizin
allows ...)
- TODO: check
+ NOT-FOR-US: TDizin
CVE-2007-3309 (Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2
allows ...)
- TODO: check
+ NOT-FOR-US: Simple Machines Forum
CVE-2007-3308 (Simple Machines Forum (SMF) 1.1.2 uses a concatenation method
with ...)
- TODO: check
+ NOT-FOR-US: Simple Machines Forum
CVE-2007-3307 (SQL injection vulnerability in game_listing.php in Solar Empire
...)
- TODO: check
+ NOT-FOR-US: Solar Empire
CVE-2007-3306 (PHP remote file inclusion vulnerability in
crontab/run_billing.php in ...)
- TODO: check
+ NOT-FOR-US: MiniBill
CVE-2007-3305 (Heap-based buffer overflow in Cerulean Studios Trillian 3.x
before ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2007-3304 (Apache httpd 1.3.37, and 2.0.59 and 2.2.4 with the Prefork MPM
module, ...)
TODO: check
CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module,
allows ...)
@@ -151,15 +151,15 @@
CVE-2007-3302
RESERVED
CVE-2007-3301 (SQL injection vulnerability in
forum/include/error/autherror.cfm in ...)
- TODO: check
+ NOT-FOR-US: FuseTalk
CVE-2007-3300 (Multiple F-Secure anti-virus products for Microsoft Windows and
Linux ...)
TODO: check
CVE-2007-3299 (Cross-site scripting (XSS) vulnerability in AWFFull before
3.7.4, when ...)
TODO: check
CVE-2007-3298 (SQL injection vulnerability in Spey before 0.4.1 allows remote
...)
- TODO: check
+ NOT-FOR-US: Spey
CVE-2007-3297 (Multiple PHP remote file inclusion vulnerabilities in Musoo
0.21 allow ...)
- TODO: check
+ NOT-FOR-US: Musoo
CVE-2007-3296 (The ThunderServer.webThunder.1 ActiveX control in xunlei Web
...)
TODO: check
CVE-2007-3295 (Directory traversal vulnerability in Yet another Bulletin Board
(YaBB) ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
