Author: joeyh
Date: 2007-07-13 09:14:07 +0000 (Fri, 13 Jul 2007)
New Revision: 6140
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-13 05:55:06 UTC (rev 6139)
+++ data/CVE/list 2007-07-13 09:14:07 UTC (rev 6140)
@@ -1,3 +1,175 @@
+CVE-2007-3761
+ RESERVED
+CVE-2007-3760
+ RESERVED
+CVE-2007-3759
+ RESERVED
+CVE-2007-3758
+ RESERVED
+CVE-2007-3757
+ RESERVED
+CVE-2007-3756
+ RESERVED
+CVE-2007-3755
+ RESERVED
+CVE-2007-3754
+ RESERVED
+CVE-2007-3753
+ RESERVED
+CVE-2007-3752
+ RESERVED
+CVE-2007-3751
+ RESERVED
+CVE-2007-3750
+ RESERVED
+CVE-2007-3749
+ RESERVED
+CVE-2007-3748
+ RESERVED
+CVE-2007-3747
+ RESERVED
+CVE-2007-3746
+ RESERVED
+CVE-2007-3745
+ RESERVED
+CVE-2007-3744
+ RESERVED
+CVE-2007-3743
+ RESERVED
+CVE-2007-3742
+ RESERVED
+CVE-2007-3741
+ RESERVED
+CVE-2007-3740
+ RESERVED
+CVE-2007-3739
+ RESERVED
+CVE-2007-3738
+ RESERVED
+CVE-2007-3737
+ RESERVED
+CVE-2007-3736
+ RESERVED
+CVE-2007-3735
+ RESERVED
+CVE-2007-3734
+ RESERVED
+CVE-2007-3733
+ RESERVED
+CVE-2007-3732
+ RESERVED
+CVE-2007-3731
+ RESERVED
+CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services
5.6 for ...)
+ TODO: check
+CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services
5.6 for ...)
+ TODO: check
+CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC
Client and ...)
+ TODO: check
+CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7
have ...)
+ TODO: check
+CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp
in ...)
+ TODO: check
+CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91
allows ...)
+ TODO: check
+CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does
not make ...)
+ TODO: check
+CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make
use of ...)
+ TODO: check
+CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs
scheduling ...)
+ TODO: check
+CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives
preference to ...)
+ TODO: check
+CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs
scheduling ...)
+ TODO: check
+CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives
preference to ...)
+ TODO: check
+CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine
in ...)
+ TODO: check
+CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not
properly call ...)
+ TODO: check
+CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and
JRE 6 ...)
+ TODO: check
+CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through
9.0 ...)
+ TODO: check
+CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr)
0.6.5 ...)
+ TODO: check
+CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through
4.21 allow ...)
+ TODO: check
+CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in
HiddenChest "is ...)
+ TODO: check
+CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and
2.5.x ...)
+ TODO: check
+CVE-2007-3710 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...)
+ TODO: check
+CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3
before ...)
+ TODO: check
+CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter
1.5.3 ...)
+ TODO: check
+CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before
20070628 ...)
+ TODO: check
+CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote
attackers to ...)
+ TODO: check
+CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass
authentication and ...)
+ TODO: check
+CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in
sasatl.dll ...)
+ TODO: check
+CVE-2007-3702 (Directory traversal vulnerability in the load function in ...)
+ TODO: check
+CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...)
+ TODO: check
+CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity
Server) ...)
+ TODO: check
+CVE-2007-3699
+ RESERVED
+CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6
Update 1 ...)
+ TODO: check
+CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in
...)
+ TODO: check
+CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model
...)
+ TODO: check
+CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler
(formerly ...)
+ TODO: check
+CVE-2007-3694
+ RESERVED
+CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of
20070711, built ...)
+ TODO: check
+CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory
KDDI ...)
+ TODO: check
+CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV
Tutorial ...)
+ TODO: check
+CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for
Drupal ...)
+ TODO: check
+CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for
Drupal ...)
+ TODO: check
+CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in
DotClear ...)
+ TODO: check
+CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno
Technologies ...)
+ TODO: check
+CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star
Rating ...)
+ TODO: check
+CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in
Unobtrusive ...)
+ TODO: check
+CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star
Rating ...)
+ TODO: check
+CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3
and ...)
+ TODO: check
+CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and
earlier ...)
+ TODO: check
+CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device
driver in ...)
+ TODO: check
+CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in
libodm ...)
+ TODO: check
+CVE-2007-3679
+ RESERVED
+CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension
(Word ...)
+ TODO: check
+CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst
allow ...)
+ TODO: check
+CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as
installed on ...)
+ TODO: check
CVE-2007-3676
RESERVED
CVE-2007-3675
@@ -68,7 +240,7 @@
- libarchive <unfixed> (bug #432924; low)
CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative
privileges ...)
TODO: check
-CVE-2007-3642 (The decode_choice function in
net/netfilter/bf_conntrack_h323_asn1.c ...)
+CVE-2007-3642 (The decode_choice function in
net/netfilter/nf_conntrack_h323_asn1.c ...)
TODO: check
CVE-2007-3641
RESERVED
@@ -382,8 +554,8 @@
TODO: check
CVE-2007-3510
RESERVED
-CVE-2007-3509
- RESERVED
+CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec
Backup ...)
+ TODO: check
CVE-2007-3508 (** DISPUTED ** ...)
- glibc 2.6-2 (unimportant; bug #431858)
NOTE: Not security-relevant
@@ -395,7 +567,7 @@
[etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x)
CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum
1.3 ...)
NOT-FOR-US: QuickTalk forum
-CVE-2007-3504 (Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier,
and Java ...)
+CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in
Sun ...)
- sun-java5 <not-affected>
NOTE: Sun Alert ID 102957 says issue is Windows only
CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can
generate HTML ...)
@@ -502,10 +674,10 @@
NOT-FOR-US: Civitech Avax Vector
CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local
users to ...)
NOT-FOR-US: Sun Solaris libsldap
-CVE-2007-3457
- RESERVED
-CVE-2007-3456
- RESERVED
+CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently
validates HTTP ...)
+ TODO: check
+CVE-2007-3456 (Unspecified vulnerability in Adobe Flash Player 9.0.45.0 and
earlier ...)
+ TODO: check
CVE-2006-7214 (Multiple unspecified vulnerabilities in Firebird 1.5 allow
remote ...)
- firebird1.5 <unfixed> (bug filed)
- firebird2 <removed>
@@ -4412,7 +4584,7 @@
TODO: check
CVE-2007-1755
RESERVED
-CVE-2007-1754 (Microsoft Office Publisher 2007 does not properly clear memory
when ...)
+CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not
properly clear ...)
TODO: check
CVE-2007-1753
RESERVED
@@ -12760,14 +12932,14 @@
- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC
preprocessor)
CVE-2006-5275
RESERVED
-CVE-2006-5274
- RESERVED
-CVE-2006-5273
- RESERVED
-CVE-2006-5272
- RESERVED
-CVE-2006-5271
- RESERVED
+CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through
3.6.1, ...)
+ TODO: check
+CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5
through ...)
+ TODO: check
+CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5
through ...)
+ TODO: check
+CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through
3.6.1, ...)
+ TODO: check
CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...)
NOT-FOR-US: Microsoft
CVE-2006-5269
@@ -27940,7 +28112,8 @@
REJECTED
CVE-2005-3562
REJECTED
-CVE-2005-3561 ( ...)
+CVE-2005-3561
+ REJECTED
NOT-FOR-US: ATutor
CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet
Security Suite ...)
NOT-FOR-US: Zone Labs
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
