Author: stef-guest
Date: 2007-08-02 21:39:37 +0000 (Thu, 02 Aug 2007)
New Revision: 6217
Modified:
data/CVE/list
Log:
new postfix-policyd issue; NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-02 19:13:19 UTC (rev 6216)
+++ data/CVE/list 2007-08-02 21:39:37 UTC (rev 6217)
@@ -594,75 +594,75 @@
CVE-2007-3835 (Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib
3.13 and ...)
NOT-FOR-US: Ex Libris MetaLib
CVE-2007-3834 (Multiple cross-site scripting (XSS) vulnerabilities in Ex
Libris ALEPH ...)
- TODO: check
+ NOT-FOR-US: Ex Libris ALEPH
CVE-2007-3833 (The AOL Instant Messenger (AIM) protocol handler in Cerulean
Studios ...)
- TODO: check
+ NOT-FOR-US: Trillian
CVE-2007-3832 (Buffer overflow in the AOL Instant Messenger (AIM) protocol
handler in ...)
- TODO: check
+ NOT-FOR-US: Trillian
CVE-2007-3831 (PHP remote file inclusion in main.php in ISS Proventia Network
IPS ...)
- TODO: check
+ NOT-FOR-US: ISS Proventia Network IPS
CVE-2007-3830 (Cross-site scripting (XSS) vulnerability in alert.php in ISS
Proventia ...)
- TODO: check
+ NOT-FOR-US: ISS Proventia Network IPS
CVE-2007-3829 (Multiple stack-based buffer overflows in (a) InterActual Player
...)
- TODO: check
+ NOT-FOR-US: InterActual Player
CVE-2007-3828 (Unspecified vulnerability in mDNSResponder in Apple Mac OS X
allows ...)
TODO: check
CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain
(aka ...)
TODO: check
CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote
...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation
in ...)
- TODO: check
+ NOT-FOR-US: CA Alert Notification Server
CVE-2007-3824 (SQL injection vulnerability in katgoster.asp in MzK Blog (tr)
allows ...)
- TODO: check
+ NOT-FOR-US: MzK Blog
CVE-2007-3823 (The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0
allows ...)
- TODO: check
+ NOT-FOR-US: IPSwitch WS_FTP
CVE-2007-3822 (Multiple cross-site scripting (XSS) vulnerabilities in Webcit
before ...)
- TODO: check
+ NOT-FOR-US: Webcit
CVE-2007-3821 (Cross-site request forgery (CSRF) vulnerability in Webcit
before 7.11 ...)
- TODO: check
+ NOT-FOR-US: Webcit
CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote
attackers to ...)
TODO: check
CVE-2007-3819 (Opera 9.21 allows remote attackers to spoof the data: URI
scheme in ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2007-3818 (Cross-site scripting (XSS) vulnerability in the LoginToboggan
module ...)
- TODO: check
+ NOT-FOR-US: LoginToboggan
CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan
module ...)
- TODO: check
+ NOT-FOR-US: LoginToboggan
CVE-2007-3816 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: JWIG
CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike
...)
- TODO: check
+ NOT-FOR-US: Poslovni informator Republike Slovenije
CVE-2007-3814 (Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow
remote ...)
- TODO: check
+ NOT-FOR-US: MKPortal
CVE-2007-3813 (PHP remote file inclusion vulnerability in include/user.php in
the ...)
- TODO: check
+ NOT-FOR-US: NoBoard BETA module for MKPortal
CVE-2007-3812 (SQL injection vulnerability in forums.php in CMScout 1.23 and
earlier ...)
- TODO: check
+ NOT-FOR-US: CMScout
CVE-2007-3811 (Multiple SQL injection vulnerabilities in eSyndiCat allow
remote ...)
- TODO: check
+ NOT-FOR-US: eSyndiCat
CVE-2007-3810 (SQL injection vulnerability in index.php in Realtor 747 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Realtor 747
CVE-2007-3809 (Multiple SQL injection vulnerabilities in Prozilla Directory
Script ...)
- TODO: check
+ NOT-FOR-US: Prozilla Directory Script
CVE-2007-3808 (SQL injection vulnerability in includes/search.php in paFileDB
3.6 ...)
- TODO: check
+ NOT-FOR-US: paFileDB
CVE-2007-3807 (Multiple cross-site scripting (XSS) vulnerabilities in
SiteScape Forum ...)
- TODO: check
+ NOT-FOR-US: SiteScape Forum
CVE-2007-3806 (The glob function in PHP 5.2.3 allows context-dependent
attackers to ...)
TODO: check
CVE-2007-3805 (The IKE implementation in Clavister CorePlus before 8.80.03,
and ...)
- TODO: check
+ NOT-FOR-US: Clavister CorePlus
CVE-2007-3804 (The AntiVirus engine in the HTTP-ALG in Clavister CorePlus
before ...)
- TODO: check
+ NOT-FOR-US: Clavister CorePlus
CVE-2007-3803 (The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00,
does ...)
- TODO: check
+ NOT-FOR-US: Clavister CorePlus
CVE-2007-3802 (The Decomposer component in multiple Symantec products may
allow ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2007-3801 (The Decomposer component in multiple Symantec products allows
remote ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2007-3800 (Unspecified vulnerability in the Real-time scanner (RTVScan)
component ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2007-3799 (The session_start function in ext/session in PHP 4.x up to
4.4.7 and ...)
TODO: check
CVE-2007-3798 (Integer overflow in print-bgp.c in the BGP dissector in tcpdump
3.9.6 ...)
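Review bot: The NOT-FOR-US labels in this hunk are not at a consistent granularity, which makes later searches of the list by product less reliable. CVE-2007-3802, CVE-2007-3801 and CVE-2007-3800 are tagged only with the vendor, "NOT-FOR-US: Symantec", although their descriptions name the Decomposer component and the Real-time scanner (RTVScan), while the Clavister entries (CVE-2007-3805 to CVE-2007-3803) use the product name "Clavister CorePlus". Prefer the product name throughout. Separately, CVE-2007-3816 is tagged "NOT-FOR-US: JWIG" but its visible description is only "** DISPUTED ** ...", so the product cannot be checked from the list itself. CVE-2007-3818 and CVE-2007-3817 (LoginToboggan module) and CVE-2007-3813 (NoBoard BETA module for MKPortal) are add-on modules, so it is worth confirming that the host application is not packaged before closing them as NFU.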
@@ -670,33 +670,33 @@
CVE-2007-3797
RESERVED
CVE-2007-3796 (The password reset feature in the Spam Quarantine HTTP
interface for ...)
- TODO: check
+ NOT-FOR-US: Spam Quarantine HTTP interface for MailMarshal SMTP
CVE-2007-3795 (Unspecified vulnerability in Hitachi TP1/Server Base before
03-05-/P, ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2007-3794 (Buffer overflow in Hitachi Cosminexus V4 through V7, Processing
Kit ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2007-3793 (SQL injection vulnerability in Job Management Partner 1/NETM/DM
...)
- TODO: check
+ NOT-FOR-US: Job Management Partner
CVE-2007-3792 (Multiple PHP remote file inclusion vulnerabilities in AzDG
Dating Gold ...)
- TODO: check
+ NOT-FOR-US: AzDG Dating Gold
CVE-2007-3791 (Buffer overflow in the w_read function in sockets.c in Cami
Sardinha ...)
- TODO: check
+ - postfix-policyd <unfixed> (bug #435735)
CVE-2007-3790 (The com_print_typeinfo function in the bz2 extension in PHP
5.2.3 ...)
TODO: check
CVE-2007-3789 (SQL injection vulnerability in admin/index.php in Inmostore 4.0
allows ...)
- TODO: check
+ NOT-FOR-US: Inmostore
CVE-2007-3788 (The eSoft InstaGate EX2 UTM device stores the admin password
within ...)
- TODO: check
+ NOT-FOR-US: eSoft InstaGate
CVE-2007-3787 (The eSoft InstaGate EX2 UTM device does not require entry of
the old ...)
- TODO: check
+ NOT-FOR-US: eSoft InstaGate
CVE-2007-3786 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: eSoft InstaGate
CVE-2007-3785 (Absolute path traversal vulnerability in a certain ActiveX
control in ...)
- TODO: check
+ NOT-FOR-US: EldoS SecureBlackbox
CVE-2007-3784 (Cross-site scripting (XSS) vulnerability in the Belkin G Plus
Router ...)
- TODO: check
+ NOT-FOR-US: Belkin
CVE-2007-3783 (SQL injection vulnerability in default.asp in enVivo!CMS allows
remote ...)
- TODO: check
+ NOT-FOR-US: enVivo!CMS
CVE-2007-3782 (MySQL Community Server before 5.0.45 allows remote
authenticated users ...)
TODO: check
CVE-2007-3781 (MySQL Community Server before 5.0.45 does not require
privileges such ...)
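Review bot: The new tracked entry for CVE-2007-3791, "- postfix-policyd <unfixed> (bug #435735)", records the package, status and bug number but no urgency, even though the description begins "Buffer overflow in the w_read function in sockets.c". Consider adding an urgency next to the bug reference so the issue can be prioritised from the list. The truncated description names "Cami Sardinha ..." rather than postfix-policyd, so a NOTE line tying the upstream name to the Debian package would make the mapping verifiable. On the NFU side, CVE-2007-3795 and CVE-2007-3794 are tagged with the vendor only ("Hitachi") while the adjacent CVE-2007-3793 uses a product name ("Job Management Partner"), and CVE-2007-3786 is tagged "eSoft InstaGate" although its visible description is only "** DISPUTED ** ...".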
@@ -710,11 +710,11 @@
CVE-2007-3777 (avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and
Free ...)
TODO: check
CVE-2007-3776 (Cisco Unified Communications Manager (CUCM, formerly
CallManager) and ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-3775 (Unspecified vulnerability in Cisco Unified Communications
Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-3774 (Dvbbs 7.1.0 SP1 stores sensitive information under the web root
with ...)
- TODO: check
+ NOT-FOR-US: Dvbbs
CVE-2007-3773 (Cross-site request forgery (CSRF) vulnerability in the
Email-Template ...)
TODO: check
CVE-2007-3772 (Directory traversal vulnerability in news/show.php in PsNews
1.1 ...)
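Review bot: CVE-2007-3776 and CVE-2007-3775 are tagged "NOT-FOR-US: Cisco", a vendor-only label, while both descriptions name Cisco Unified Communications Manager and the neighbouring CVE-2007-3774 uses the product name ("Dvbbs"). Using the product name here as well keeps the NFU entries searchable by product.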
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits