Author: joeyh
Date: 2007-08-31 09:14:08 +0000 (Fri, 31 Aug 2007)
New Revision: 6449

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-08-30 21:58:57 UTC (rev 6448)
+++ data/CVE/list       2007-08-31 09:14:08 UTC (rev 6449)
@@ -1,4 +1,102 @@
-CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 
does ...)
+CVE-2007-4630 (Cross-site scripting (XSS) vulnerability in xlaapmview.asp in 
Absolute ...)
+       TODO: check
+CVE-2007-4629 (Buffer overflow in the processLine funtion in maptemplate.c in 
...)
+       TODO: check
+CVE-2007-4628 (SQL injection vulnerability in shownews.php in phpns 1.1 allows 
remote ...)
+       TODO: check
+CVE-2007-4627 (SQL injection vulnerability in index.php in ABC eStore 3.0 
allows ...)
+       TODO: check
+CVE-2007-4626 (Unspecified vulnerability in Polipo before 1.0.2 allows remote 
...)
+       TODO: check
+CVE-2007-4625 (Polipo before 1.0.2 allows remote HTTP servers to cause a 
denial of ...)
+       TODO: check
+CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in 
AbleDesign ...)
+       TODO: check
+CVE-2007-4623
+       RESERVED
+CVE-2007-4622
+       RESERVED
+CVE-2007-4621
+       RESERVED
+CVE-2007-4620
+       RESERVED
+CVE-2007-4619
+       RESERVED
+CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold 
through SP7 ...)
+       TODO: check
+CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold 
through SP7, ...)
+       TODO: check
+CVE-2007-4616 (The SSL server implementation in BEA WebLogic Server 7.0 Gold 
through ...)
+       TODO: check
+CVE-2007-4615 (The SSL client implementation in BEA WebLogic Server 7.0 SP7, 
8.1 SP2 ...)
+       TODO: check
+CVE-2007-4614 (BEA WebLogic Server 9.1 does not properly handle propagation of 
an ...)
+       TODO: check
+CVE-2007-4613 (SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 
Gold ...)
+       TODO: check
+CVE-2007-4612 (CRLF injection vulnerability in contact.php in Moonware (aka 
Dale ...)
+       TODO: check
+CVE-2007-4611 (SQL injection vulnerability in viewevent.php in Moonware (aka 
Dale ...)
+       TODO: check
+CVE-2007-4610 (Unrestricted file upload vulnerability in config/upload.php in 
...)
+       TODO: check
+CVE-2007-4609 (eyeOS uses predictable checksum values in the checknum 
parameter for ...)
+       TODO: check
+CVE-2007-4608 (PHP remote file inclusion vulnerability in protection.php in 
...)
+       TODO: check
+CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in 
emsmtp.dll ...)
+       TODO: check
+CVE-2007-4606 (PHP remote file inclusion vulnerability in 
convert/mvcw_conver.php in ...)
+       TODO: check
+CVE-2007-4605 (PHP remote file inclusion vulnerability in convert/mvcw.php in 
Virtual ...)
+       TODO: check
+CVE-2007-4604 (SQL injection vulnerability in viewitem.php in DL PayCart 1.01 
allows ...)
+       TODO: check
+CVE-2007-4603 (Multiple SQL injection vulnerabilities in index.php in ACG News 
1.0 ...)
+       TODO: check
+CVE-2007-4602 (SQL injection vulnerability in cms/revert-content.php in 
Implied by ...)
+       TODO: check
+CVE-2007-4600
+       RESERVED
+CVE-2007-4599
+       RESERVED
+CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of "12345" 
for the manager ...)
+       TODO: check
+CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools 
SunShop ...)
+       TODO: check
+CVE-2007-4596 (The perl extension in PHP does not follow safe_mode 
restrictions, ...)
+       TODO: check
+CVE-2007-4595 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 
allows ...)
+       TODO: check
+CVE-2007-4594 (Entrust Entelligence Security Provider (ESP) 8 does not 
properly ...)
+       TODO: check
+CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare 
Workstation 6.0 ...)
+       TODO: check
+CVE-2007-4592
+       RESERVED
+CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to 
cause a ...)
+       TODO: check
+CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3, 
and ...)
+       TODO: check
+CVE-2007-4589 (Multiple cross-site scripting (XSS) vulnerabilities in 
InterWorx ...)
+       TODO: check
+CVE-2007-4588 (Multiple cross-site scripting (XSS) vulnerabilities in 
InterWorx ...)
+       TODO: check
+CVE-2007-4587 (Cross-site scripting (XSS) vulnerability in Easy Software 
Cafeteria ...)
+       TODO: check
+CVE-2007-4586 (Multiple buffer overflows in php_iisfunc.dll in the iisfunc 
extension ...)
+       TODO: check
+CVE-2007-4585 (Directory traversal vulnerability in activateuser.php in 
2532|Gigs ...)
+       TODO: check
+CVE-2007-4584 (Stack-based buffer overflow in BitchX 1.1 Final allows remote 
IRC ...)
+       TODO: check
+CVE-2007-4583 (Multiple absolute path traversal vulnerabilities in the ...)
+       TODO: check
+CVE-2007-4582 (Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 
ActiveX ...)
+       TODO: check
+CVE-2007-4581 (SQL injection vulnerability in acrotxt.php in WBB2-Addon: 
Acrotxt 1 ...)
+       TODO: check
+CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 
does not ...)
        - tcp-wrappers 7.6.dbs-12 (bug #405342; medium)
 CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 
allows ...)
        NOT-FOR-US: BufferZone (Windows)
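Review bot: CVE-2007-4601 ends up out of numeric order at the end of this hunk. The new block runs from CVE-2007-4630 down to CVE-2007-4581, and the 4601 entry with its `- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)` line now sits after CVE-2007-4581 and before CVE-2007-4580 instead of between CVE-2007-4602 and CVE-2007-4600. Move the entry, together with its tracking line, to its numeric position so that lookups by id and later automatic merges do not miss or duplicate it.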
@@ -46,7 +144,8 @@
        - python2.3 <removed>
        - python2.4 <unfixed> (bug #440097)
        - python2.5 <unfixed> (bug #440099)
-CVE-2007-4558 (Directory traversal vulnerability in extract.c in star before 
1.5a84 ...)
+CVE-2007-4558
+       REJECTED
        - star <unfixed> (bug #440100)
 CVE-2007-4557 (Cross-site scripting (XSS) vulnerability in the webacc servlet 
in ...)
        NOT-FOR-US: Novell
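Review bot: The CVE-2007-4558 entry is marked REJECTED but still carries `- star <unfixed> (bug #440100)` directly beneath it, so a rejected id keeps reporting star as affected. The description removed here (directory traversal in extract.c in star before 1.5a84) is the one this revision attaches to CVE-2007-4134 further down, so the star line and bug reference belong there and this entry should keep only REJECTED.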
@@ -242,8 +341,8 @@
        RESERVED
 CVE-2007-4468
        RESERVED
-CVE-2007-4467
-       RESERVED
+CVE-2007-4467 (Multiple stack-based buffer overflows in the Oracle JInitiator 
ActiveX ...)
+       TODO: check
 CVE-2007-4466
        RESERVED
 CVE-2006-7222 (Buffer overflow in the CFLICStream::_deltachunk function in ...)
@@ -306,7 +405,7 @@
        NOT-FOR-US: Unreal on Windows
 CVE-2007-4441 (Buffer overflow in php_win32std.dll in the win32std extension 
for PHP ...)
        - php5 <not-affected> (Windows-specific)
-CVE-2007-4440 (Stack-based buffer overflow in the SMTP server in Mercury Mail 
...)
+CVE-2007-4440 (Stack-based buffer overflow in the MercuryS SMTP server in 
Mercury ...)
        NOT-FOR-US: Mercury mail system
 CVE-2007-4439 (PHP remote file inclusion vulnerability in popup_window.php in 
...)
        NOT-FOR-US: Squirrelcart
@@ -790,10 +889,10 @@
        RESERVED
 CVE-2007-4222
        RESERVED
-CVE-2007-4221
-       RESERVED
-CVE-2007-4220
-       RESERVED
+CVE-2007-4221 (Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 
for ...)
+       TODO: check
+CVE-2007-4220 (Directory traversal vulnerability in Motorola Timbuktu Pro 
before ...)
+       TODO: check
 CVE-2007-4219 (Integer overflow in the RPCFN_SYNC_TASK function in 
StRpcSrv.dll, as ...)
        TODO: check
 CVE-2007-4218 (Multiple buffer overflows in the ServerProtect service 
(SpntSvc.exe) ...)
@@ -970,12 +1069,12 @@
        RESERVED
 CVE-2007-4135
        RESERVED
-CVE-2007-4134
-       RESERVED
+CVE-2007-4134 (Directory traversal vulnerability in extract.c in star before 
1.5a84 ...)
+       TODO: check
 CVE-2007-4133
        RESERVED
-CVE-2007-4132
-       RESERVED
+CVE-2007-4132 (Unspecified vulnerability in Red Hat Network Satellite Server 
5.0.0 ...)
+       TODO: check
 CVE-2007-4131 (Directory traversal vulnerability in the contains_dot_dot 
function in ...)
        - tar <unfixed> (high; bug #439335)
 CVE-2007-4130
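Review bot: CVE-2007-4134 is added with `TODO: check` even though its description is the star extract.c directory traversal that this same revision strips from CVE-2007-4558, where `- star <unfixed> (bug #440100)` is already recorded. Replace the TODO with that tracking line so the star issue stays tracked under the id that now describes it.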


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
