[Secure-testing-commits] r6501 - data/CVE

joeyh Tue, 04 Sep 2007 14:14:12 -0700

Author: joeyh
Date: 2007-09-04 21:14:07 +0000 (Tue, 04 Sep 2007)
New Revision: 6501


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-09-04 21:12:49 UTC (rev 6500)
+++ data/CVE/list       2007-09-04 21:14:07 UTC (rev 6501)
@@ -1,3 +1,41 @@
+CVE-2007-4649 (MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, 
and ...)
+       TODO: check
+CVE-2007-4648 (The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses 
weak ...)
+       TODO: check
+CVE-2007-4647 (newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 
2.0.9 ...)
+       TODO: check
+CVE-2007-4646 (Buffer overflow in the pop3 service in Hexamail Server 
3.0.0.001 Lite ...)
+       TODO: check
+CVE-2007-4645 (SQL injection vulnerability in index.php in NMDeluxe 2.0.0 
allows ...)
+       TODO: check
+CVE-2007-4644 (Format string vulnerability in the Cl_GetPackets function in 
cl_main.c ...)
+       TODO: check
+CVE-2007-4643 (Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and 
earlier ...)
+       TODO: check
+CVE-2007-4642 (Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 
and ...)
+       TODO: check
+CVE-2007-4641 (Directory traversal vulnerability in index.php in Pakupaku CMS 
0.4 and ...)
+       TODO: check
+CVE-2007-4640 (Unrestricted file upload vulnerability in index.php in Pakupaku 
CMS ...)
+       TODO: check
+CVE-2007-4639 (EnterpriseDB Advanced Server 8.2 does not properly handle 
certain ...)
+       TODO: check
+CVE-2007-4638 (Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier 
allows ...)
+       TODO: check
+CVE-2007-4637 (xGB.php in xGB 2.0 does not require authentication for an admin 
edit ...)
+       TODO: check
+CVE-2007-4636 (Multiple PHP remote file inclusion vulnerabilities in phpBG 
0.9.1 ...)
+       TODO: check
+CVE-2007-4635 (Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote 
attackers to ...)
+       TODO: check
+CVE-2007-4634 (Multiple SQL injection vulnerabilities in Cisco CallManager and 
...)
+       TODO: check
+CVE-2007-4633 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco 
...)
+       TODO: check
+CVE-2007-4632 (Cisco IOS 12.2E, 12.2F, and 12.2S places a &quot;no login&quot; 
line into the ...)
+       TODO: check
+CVE-2007-4631 (The DataLoader::doStart function in dataloader.cpp in QGit 
1.5.6 and ...)
+       TODO: check
 CVE-2007-XXXX [maradns DoS]
        - maradns 1.2.12.08-1
        NOTE: http://marc.info/?l=maradns-list&m=118842373527534&w=2
@@ -111,7 +149,8 @@
        [sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in 
-10)
 CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 
allows ...)
        NOT-FOR-US: BufferZone (Windows)
-CVE-2007-4579 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and 
Live ...)
+CVE-2007-4579
+       REJECTED
        NOT-FOR-US: MSN
 CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 
allows ...)
        NOT-FOR-US: Sophos
@@ -256,8 +295,8 @@
        RESERVED
 CVE-2007-4516
        RESERVED
-CVE-2007-4515
-       RESERVED
+CVE-2007-4515 (Buffer overflow in a certain ActiveX control in YVerInfo.dll 
before ...)
+       TODO: check
 CVE-2007-4514
        RESERVED
 CVE-2007-4513
@@ -1381,6 +1420,7 @@
        RESERVED
 CVE-2007-3999 [buffer overflow in RPC library]
        RESERVED
+       {DSA-1368-1 DSA-1367-1}
        - librpcsecgss <unfixed>
        - krb5 <unfixed>
 CVE-2007-3998
@@ -1562,6 +1602,7 @@
 CVE-2007-3913
        RESERVED
 CVE-2007-3912 [debian-goodies checkrestart missing shell metachar escaping]
+       RESERVED
        - debian-goodies 0.34 (bug #440411; medium)
 CVE-2007-3911 (Multiple heap-based buffer overflows in (1) clsscheduler.exe 
(aka ...)
        NOT-FOR-US: BakBone NetVault Reporter
@@ -3842,8 +3883,8 @@
        NOT-FOR-US: Qtpfsgui and pfstools
 CVE-2007-2955 (Multiple unspecified &quot;input validation error&quot; 
vulnerabilities in ...)
        NOT-FOR-US: Norton Antivirus/Internet Security/System Works
-CVE-2007-2954
-       RESERVED
+CVE-2007-2954 (Multiple stack-based buffer overflows in the Spooler service 
...)
+       TODO: check
 CVE-2007-2953 (Format string vulnerability in the helptags_one function in ...)
        {DSA-1364-1}
        - vim 1:7.1-056+1 (low)
@@ -3893,8 +3934,8 @@
        NOT-FOR-US: Phil-a-Form
 CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in 
BoastMachine ...)
        NOT-FOR-US: BoastMachine
-CVE-2007-2931
-       RESERVED
+CVE-2007-2931 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and 
Live ...)
+       TODO: check
 CVE-2007-2930
        RESERVED
 CVE-2007-2929 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
@@ -6960,6 +7001,7 @@
 CVE-2007-1615 (SQL injection vulnerability in index.php in ScriptMagix Jokes 
2.0 and ...)
        NOT-FOR-US: ScriptMagix
 CVE-2007-1614 (Stack-based buffer overflow in the zzip_open_shared_io function 
in ...)
+       {DTSA-56-1}
        - zziplib 0.13.49-0 (bug #436701; low)
        [etch] - zziplib <no-dsa> (Minor issue)
        NOTE: 
http://www.securitylab.ru/forum/read.php?FID=21&TID=40858&MID=326187#message326187


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r6501 - data/CVE

Reply via email to