Author: joeyh
Date: 2007-09-18 21:14:08 +0000 (Tue, 18 Sep 2007)
New Revision: 6636

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-09-18 13:17:30 UTC (rev 6635)
+++ data/CVE/list       2007-09-18 21:14:08 UTC (rev 6636)
@@ -1,3 +1,49 @@
+CVE-2007-4924
+       RESERVED
+CVE-2007-4923 (PHP remote file inclusion vulnerability in 
admin.joomlaradiov5.php in ...)
+       TODO: check
+CVE-2007-4922 (SQL injection vulnerability in index.php in the jeuxflash 1.0 
module ...)
+       TODO: check
+CVE-2007-4921 (PHP remote file inclusion vulnerability in 
_includes/settings.inc.php ...)
+       TODO: check
+CVE-2007-4920 (SQL injection vulnerability in soporte_derecha_w.php in PHP 
Webquest ...)
+       TODO: check
+CVE-2007-4919 (Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) 
remote ...)
+       TODO: check
+CVE-2007-4918 (SQL injection vulnerability in index.php in Gelato allows 
remote ...)
+       TODO: check
+CVE-2007-4917 (Cross-site scripting (XSS) vulnerability in tracking.php in 
PHP-Stats ...)
+       TODO: check
+CVE-2007-4916 (Heap-based buffer overflow in the FileFind::FindFile method in 
(1) ...)
+       TODO: check
+CVE-2007-4915 (The Intersil isl3893 extensions for Boa 0.93.15, as used on the 
...)
+       TODO: check
+CVE-2007-4914 (Unspecified vulnerability in the subscriptions manager in 
Invision ...)
+       TODO: check
+CVE-2007-4913 (ips_kernel/class_upload.php in Invision Power Board (IPB or 
IP.Board) ...)
+       TODO: check
+CVE-2007-4912 (Cross-site scripting (XSS) vulnerability in 
ips_kernel/class_ajax.php ...)
+       TODO: check
+CVE-2007-4911 (JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote 
attackers to ...)
+       TODO: check
+CVE-2007-4910 (Unspecified vulnerability in netInvoicing before 2.7.3 has 
unknown ...)
+       TODO: check
+CVE-2007-4909 (Interpretation conflict in WinSCP before 4.0.4 allows remote 
attackers ...)
+       TODO: check
+CVE-2007-4908 (Directory traversal vulnerability in index.php in AuraCMS 2.1 
and ...)
+       TODO: check
+CVE-2007-4907 (Multiple PHP remote file inclusion vulnerabilities in X-Cart 
allow ...)
+       TODO: check
+CVE-2007-4906 (PHP remote file inclusion vulnerability in ...)
+       TODO: check
+CVE-2007-4905 (Unrestricted file upload vulnerability in mod/contak.php in 
AuraCMS ...)
+       TODO: check
+CVE-2007-4904 (RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix 
Player ...)
+       TODO: check
+CVE-2007-4903 (Multiple buffer overflows in a certain ActiveX control in 
CryptoX.dll ...)
+       TODO: check
+CVE-2007-4902 (Absolute path traversal vulnerability in a certain ActiveX 
control in ...)
+       TODO: check
 CVE-2007-4901 (Unspecified vulnerability in AOL Instant Messenger (AIM) 
6.1.41.2 ...)
        NOT-FOR-US: AOL Instant Messenger
 CVE-2007-4900 (Cross-site scripting (XSS) vulnerability in the logon page in 
RSA ...)
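Review bot: All 27 described entries from CVE-2007-4923 down to CVE-2007-4902 land as TODO: check, and several can be triaged from the visible text alone. CVE-2007-4911 (JSMP3OGGWt.dll), CVE-2007-4903 (ActiveX control in CryptoX.dll) and CVE-2007-4902 (ActiveX control) name Windows components, so they look like candidates for the same NOT-FOR-US treatment the CVE-2007-4901 context line below already has. CVE-2007-4906 is truncated to "PHP remote file inclusion vulnerability in ..." with no product name at all, so it cannot be triaged from this list and needs the full CVE description looked up before it is marked.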
@@ -2208,6 +2254,7 @@
 CVE-2007-3917
        RESERVED
 CVE-2007-3916 [skktools insecure tempfile]
+       RESERVED
        - skktools 1.2+0.20061004-3
 CVE-2007-3915
        RESERVED
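Review bot: In the CVE-2007-3916 entry the added RESERVED line now sits directly above the existing "- skktools 1.2+0.20061004-3" note, so the entry is marked reserved and tracked as fixed at the same time. That is consistent with a locally described, not yet published id (the bracketed "[skktools insecure tempfile]"), but it is worth confirming that the bracketed description and the skktools line are preserved when a later automatic update replaces RESERVED with the published description.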
@@ -2651,8 +2698,8 @@
        RESERVED
 CVE-2007-3732
        RESERVED
-CVE-2007-3731
-       RESERVED
+CVE-2007-3731 (The Linux kernel 2.6.20 and 2.6.21 does not properly handle an 
invalid ...)
+       TODO: check
 CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 
5.6 for ...)
        NOT-FOR-US: HP OpenVMS
 CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 
5.6 for ...)
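Review bot: CVE-2007-3731 changes from RESERVED to a Linux kernel 2.6.20 and 2.6.21 issue but is left at TODO: check, which should be resolved promptly because the kernel is a packaged source here. Suggest replacing the TODO with a linux-2.6 line in the same form used elsewhere in this file (for example the "- linux-2.6 2.6.23-1" and "[etch] - linux-2.6 <not-affected> (...)" pair under CVE-2007-3380), once the affected versions are checked against the full description.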
@@ -2827,8 +2874,8 @@
        - sun-java5 1.5.0-12-1
        [etch] - sun-java5 <no-dsa> (Non-free not supported)
        - sun-java6 6-02-1
-CVE-2007-3654
-       RESERVED
+CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through 
...)
+       TODO: check
 CVE-2007-3653
        RESERVED
 CVE-2007-3652
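Review bot: CVE-2007-3654 is described as affecting "The display driver allocattr functions in NetBSD 3.0 through ..." yet is left as TODO: check. If the full description confirms the issue is confined to the NetBSD kernel, this should be closed out as NOT-FOR-US in the same way the neighbouring CVE-2007-3730 entry is marked "NOT-FOR-US: HP OpenVMS", rather than staying in the TODO queue.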
@@ -3486,8 +3533,8 @@
 CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for 
Linux ...)
        - linux-2.6 2.6.23-1
        [etch] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2007-3379
-       RESERVED
+CVE-2007-3379 (Unspecified vulnerability in the kernel in Red Hat Enterprise 
Linux ...)
+       TODO: check
 CVE-2007-3378 (The (1) session_save_path, (2) ini_set, and (3) error_log 
functions in ...)
        - php4 <unfixed> (unimportant)
        - php5 <unfixed> (unimportant)
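Review bot: CVE-2007-3379 is now an "Unspecified vulnerability in the kernel in Red Hat Enterprise Linux ..." with only TODO: check, and the truncated text does not say whether the flaw is in upstream code or in a vendor-specific patch. The triage should record that distinction explicitly: either a linux-2.6 version or not-affected line as used for CVE-2007-3380 just above, or a note that the code is vendor-specific, so the entry does not sit as an open kernel TODO.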

