Author: enerv-guest
Date: 2007-01-12 13:47:57 +0100 (Fri, 12 Jan 2007)
New Revision: 5247
Modified:
data/CVE/list
Log:
Update CVEs entries.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-12 08:14:20 UTC (rev 5246)
+++ data/CVE/list 2007-01-12 12:47:57 UTC (rev 5247)
@@ -1,15 +1,15 @@
CVE-2007-0205 (Multiple directory traversal vulnerabilities in @lex Guestbook
4.0.2 ...)
- TODO: check
+ TODO: @alex
CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24
allows ...)
- TODO: check
+ NOT-FOR-US: Nucleus
CVE-2006-6919 (Firefox Sage extension 1.3.8 and earlier allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Sage extension
CVE-2006-6918 (Unspecified vulnerability in the Admin login for Georgian
discussion ...)
- TODO: check
+ NOT-FOR-US: GeoBB
CVE-2006-6917 (Multiple buffer overflows in Computer Associates (CA)
BrightStor ...)
- TODO: check
+ NOT-FOR-US: Computer Associates (CA)
CVE-2006-6916 (Getahead Direct Web Remoting (DWR) before 1.1.3 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: Getahead
CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in
phpMyAdmin ...)
- phpmyadmin <unfixed> (bug #406486; high)
CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before
2.9.2-rc1 ...)
@@ -29,33 +29,33 @@
CVE-2007-0196 (SQL injection vulnerability in admin_check_user.asp in
Motionborg Web ...)
NOT-FOR-US: Motionborg Web Real Estate
CVE-2007-0195 (my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0
displays ...)
- TODO: RESERVED
+ TODO: F5
CVE-2007-0194 (admin.php in MKPortal M1.1 RC1 allows remote attackers to
obtain ...)
- TODO: RESERVED
+ NOT-FOR-US: MKPortal
CVE-2007-0193 (FON La Fonera routers do not properly limit DNS service access
by ...)
- TODO: RESERVED
+ NOT-FOR-US: FON La Fonera
CVE-2007-0192 (Cross-site request forgery (CSRF) vulnerability in the
save_main ...)
- TODO: RESERVED
+ NOT-FOR-US: MKPortal
CVE-2007-0191 (Cross-site scripting (XSS) vulnerability in admin.php in
MKPortal ...)
- TODO: RESERVED
+ NOT-FOR-US: MKPortal
CVE-2007-0190 (PHP remote file inclusion vulnerability in edit_address.php in
edit-x ...)
- TODO: RESERVED
+ NOT-FOR-US: edit-x ecommerce
CVE-2007-0189 (** DISPUTED ** ...)
TODO: RESERVED
CVE-2007-0188 (F5 FirePass 5.4 through 5.5.1 does not properly enforce host
access ...)
- TODO: RESERVED
+ NOT-FOR-US: F5
CVE-2007-0187 (F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers
to ...)
- TODO: RESERVED
+ NOT-FOR-US: F5
CVE-2007-0186 (Multiple cross-site scripting (XSS) vulnerabilities in F5
FirePass SSL ...)
- TODO: RESERVED
+ NOT-FOR-US: F5
CVE-2007-0185 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows
attackers to ...)
- TODO: RESERVED
+ NOT-FOR-US: Getahead
CVE-2007-0184 (Getahead Direct Web Remoting (DWR) before 1.1.4 allows
attackers to ...)
- TODO: RESERVED
+ NOT-FOR-US: Getahead
CVE-2007-0183 (Cross-site scripting (XSS) vulnerability in /search in iPlanet
Web ...)
- TODO: RESERVED
+ NOT-FOR-US: iPlanet Web
CVE-2007-0182 (Multiple PHP remote file inclusion vulnerabilities in magic
photo ...)
- TODO: RESERVED
+ NOT-FOR-US: Magic photo storage website
CVE-2007-0181 (PHP remote file inclusion vulnerability in
include/common_function.php ...)
NOT-FOR-US: Magic Photo Storage website
CVE-2007-0180 (Stack-based buffer overflow in EF Commander 5.75 allows
user-assisted ...)
@@ -82,13 +82,13 @@
CVE-2007-0170 (PHP remote file inclusion vulnerability in index.php in
AllMyVisitors ...)
NOT-FOR-US: AllmyVisitors
CVE-2007-0169 (Multiple buffer overflows in Computer Associates (CA)
BrightStor ...)
- TODO: check
+ NOT-FOR-US: Computer Associates (CA)
CVE-2007-0168 (The Tape Engine service in Computer Associates (CA) BrightStor
...)
- TODO: check
+ TODO: Computer Associates (CA)
CVE-2007-0167 (Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC
Search ...)
NOT-FOR-US: PPC Search
CVE-2007-0166 (The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify
...)
- TODO: check
+ TODO: FreeBSD
CVE-2007-0165 (Unspecified vulnerability in libnsl in Sun Solaris 8 and 9
allows ...)
NOT-FOR-US: Solaris
CVE-2007-0164 (Camouflage 1.2.1 embeds password information in the carrier
file, ...)
@@ -100,9 +100,9 @@
CVE-2007-0161 (The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one
drivers, as ...)
NOT-FOR-US: HP all-in-one drivers
CVE-2007-0160 (Stack-based buffer overflow in the LiveJournal support ...)
- TODO: check
+ TODO: LiveJournal
CVE-2007-0159 (Directory traversal vulnerability in the
GeoIP_update_database_general ...)
- TODO: check
+ libgeoip1 <unfixed> (bug #406238; medium)
CVE-2007-0158
RESERVED
CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser
for ...)
@@ -16462,7 +16462,7 @@
{DSA-930-2 DSA-930-1}
- smstools 1.16-1.1 (bug #347221; medium)
CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other
versions, ...)
- {DSA-954-1}
+ {DSA-954-1 CVE-2005-4560}}
- wine 0.9.2-1 (bug #346197; medium)
CVE-2006-0082 (Format string vulnerability in the SetImageInfo function in
image.c ...)
{DSA-1213}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
