author Joey Hess <joeyh@debian.org> 2007-06-01 09:14:07 +0000
committer Joey Hess <joeyh@debian.org> 2007-06-01 09:14:07 +0000
commit 7c7cbd20d2e795268333d500d80713f72845b709
tree 7531b1bde8cb6fdadebbb3c3328d6fce8986b8b7 /data/CVE
parent 15c7d8186ab60214288aa8d530bf396e815e08ce
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5956 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE')
-rw-r--r-- data/CVE/2001.list 2
-rw-r--r-- data/CVE/2003.list 2
-rw-r--r-- data/CVE/2006.list 7
-rw-r--r-- data/CVE/2007.list 427
4 files changed, 391 insertions, 47 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index f85fee00da..b27c8b7a2e 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -1,3 +1,5 @@
+CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...)
+ TODO: check
CVE-2001-XXXX [crypt++ passes passwords through the command line]
- crypt++el 2.91-2.1 (bug #105562; low)
CVE-2001-XXXX [gnupg: inproper flagging of signatures as being local]
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index 75e2f64166..4c627f5621 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -1,3 +1,5 @@
+CVE-2003-1330 (Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom &quot;on ...)
+ TODO: check
CVE-2003-1329 (ftpd.c in wu-ftpd 2.6.2, when running on &quot;operating systems that only ...)
- wu-ftpd 2.6.2-4
CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...)
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index e4da22aa78..35c9e04c99 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,3 +1,7 @@
+CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
+ TODO: check
+CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...)
+ TODO: check
CVE-2006-7203 (The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 ...)
- linux-2.6 2.6.18.dfsg.1-9 (low)
CVE-2006-7202 (The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not ...)
@@ -7263,8 +7267,7 @@ CVE-2006-3896 (The NeoScale Systems CryptoStor 700 series appliance before 2.6 r
NOT-FOR-US: NeoScale Systems CryptoStor
CVE-2006-3895
RESERVED
-CVE-2006-3894
- RESERVED
+CVE-2006-3894 (The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used ...)
NOT-FOR-US: RSA BSAFE
CVE-2006-3893 (Multiple buffer overflows in the ActiveX controls in Newtone ImageKit ...)
NOT-FOR-US: Newtone ImageKit
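Review bot: CVE-2006-3894 keeps its "NOT-FOR-US: RSA BSAFE" line, which was set while the id was still RESERVED. The description that replaces it says the Crypto-C and Cert-C libraries are affected "as used ..." in other products, so the triage should be re-confirmed against the full description instead of being carried over unchanged by the automatic update.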
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 1d037ddd17..a458612c22 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -1,3 +1,343 @@
+CVE-2007-2967 (Multiple F-Secure anti-virus products for Microsoft Windows and Linux ...)
+ TODO: check
+CVE-2007-2966 (Buffer overflow in the LHA decompresion component in F-Secure ...)
+ TODO: check
+CVE-2007-2965 (Unspecified vulnerability in the Real-time Scanning component in ...)
+ TODO: check
+CVE-2007-2964 (The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and ...)
+ TODO: check
+CVE-2007-2963 (Multiple cross-site scripting (XSS) vulnerabilities in Invision Power ...)
+ TODO: check
+CVE-2007-2962 (Cross-site scripting (XSS) vulnerability in search.php in Particle ...)
+ TODO: check
+CVE-2007-2961 (Unrestricted file upload vulnerability in FileCloset before 1.1.5 ...)
+ TODO: check
+CVE-2007-2960 (Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 ...)
+ TODO: check
+CVE-2007-2959 (SQL injection vulnerability in manufacturer.php in cpCommerce before ...)
+ TODO: check
+CVE-2007-2958
+ RESERVED
+CVE-2007-2957
+ RESERVED
+CVE-2007-2956
+ RESERVED
+CVE-2007-2955
+ RESERVED
+CVE-2007-2954
+ RESERVED
+CVE-2007-2953
+ RESERVED
+CVE-2007-2952
+ RESERVED
+CVE-2007-2951
+ RESERVED
+CVE-2007-2950
+ RESERVED
+CVE-2007-2949
+ RESERVED
+CVE-2007-2948
+ RESERVED
+CVE-2007-2947 (Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha ...)
+ TODO: check
+CVE-2007-2946 (Buffer overflow in a certain ActiveX control in LeadTools Raster ...)
+ TODO: check
+CVE-2007-2945 (RMForum stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2007-2944 (WabCMS 1.0 stores sensitive information under the web root with ...)
+ TODO: check
+CVE-2007-2943 (PHP remote file inclusion vulnerability in class/class.php in Webavis ...)
+ TODO: check
+CVE-2007-2942 (SQL injection vulnerability in user.php in My Little Forum 1.7 and ...)
+ TODO: check
+CVE-2007-2941 (Multiple PHP remote file inclusion vulnerabilities in the creator in ...)
+ TODO: check
+CVE-2007-2940 (Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 ...)
+ TODO: check
+CVE-2007-2939 (Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat ...)
+ TODO: check
+CVE-2007-2938 (Buffer overflow in the BaseRunner ActiveX control in the Ademco ...)
+ TODO: check
+CVE-2007-2937 (PHP remote file inclusion vulnerability in admin/admin.php in TROforum ...)
+ TODO: check
+CVE-2007-2936 (Multiple PHP remote file inclusion vulnerabilities in Frequency Clock ...)
+ TODO: check
+CVE-2007-2935 (core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows ...)
+ TODO: check
+CVE-2007-2934 (Directory traversal vulnerability in skins/common.css.php in Vistered ...)
+ TODO: check
+CVE-2007-2933 (SQL injection vulnerability in index.php in the Phil-a-Form ...)
+ TODO: check
+CVE-2007-2932 (Cross-site scripting (XSS) vulnerability in index.php in BoastMachine ...)
+ TODO: check
+CVE-2007-2931
+ RESERVED
+CVE-2007-2930
+ RESERVED
+CVE-2007-2929
+ RESERVED
+CVE-2007-2928
+ RESERVED
+CVE-2007-2927
+ RESERVED
+CVE-2007-2926
+ RESERVED
+CVE-2007-2925
+ RESERVED
+CVE-2007-2924
+ RESERVED
+CVE-2007-2923
+ RESERVED
+CVE-2007-2922
+ RESERVED
+CVE-2007-2921
+ RESERVED
+CVE-2007-2920
+ RESERVED
+CVE-2007-2919
+ RESERVED
+CVE-2007-2918
+ RESERVED
+CVE-2007-2917
+ RESERVED
+CVE-2007-2916 (Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music ...)
+ TODO: check
+CVE-2007-2915 (Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows ...)
+ TODO: check
+CVE-2007-2914 (Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats ...)
+ TODO: check
+CVE-2007-2913 (Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 ...)
+ TODO: check
+CVE-2007-2912 (Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when ...)
+ TODO: check
+CVE-2007-2911 (SQL injection vulnerability in admincp/attachment.php in Jelsoft ...)
+ TODO: check
+CVE-2007-2910 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before ...)
+ TODO: check
+CVE-2007-2909 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+ TODO: check
+CVE-2007-2908 (Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft ...)
+ TODO: check
+CVE-2007-2907 (Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote ...)
+ TODO: check
+CVE-2007-2906 (Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2007-2905 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+ TODO: check
+CVE-2007-2904 (Cross-site scripting (XSS) vulnerability in Sun Java System Messaging ...)
+ TODO: check
+CVE-2007-2903 (Buffer overflow in the HelpPopup method in the Microsoft Office 2000 ...)
+ TODO: check
+CVE-2007-2902 (SQL injection vulnerability in main/auth/my_progress.php in Dokeos ...)
+ TODO: check
+CVE-2007-2901 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 ...)
+ TODO: check
+CVE-2007-2900 (Multiple PHP remote file inclusion vulnerabilities in Scallywag ...)
+ TODO: check
+CVE-2007-2899 (Direct static code injection vulnerability in admin_config.php in ...)
+ TODO: check
+CVE-2007-2898 (SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 ...)
+ TODO: check
+CVE-2007-2897 (Microsoft Internet Information Services (IIS) 6.0 allows remote ...)
+ TODO: check
+CVE-2007-2896 (Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 ...)
+ TODO: check
+CVE-2007-2895 (Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 ...)
+ TODO: check
+CVE-2007-2894 (The emulated floppy disk controller in Bochs 2.3 allows local users of ...)
+ TODO: check
+CVE-2007-2893 (Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in ...)
+ TODO: check
+CVE-2007-2892 (Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 ...)
+ TODO: check
+CVE-2007-2891 (Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 ...)
+ TODO: check
+CVE-2007-2890 (SQL injection vulnerability in category.php in cpCommerce 1.1.0 and ...)
+ TODO: check
+CVE-2007-2889 (SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 ...)
+ TODO: check
+CVE-2007-2888 (Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows ...)
+ TODO: check
+CVE-2007-2887 (Cross-site scripting (XSS) vulnerability in index.php in Web Icerik ...)
+ TODO: check
+CVE-2007-2886 (Unspecified vulnerability in the Nortel CS 1000 M media card in ...)
+ TODO: check
+CVE-2007-2885 (The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in ...)
+ TODO: check
+CVE-2007-2884 (Multiple stack-based buffer overflows in Microsoft Visual Basic 6 ...)
+ TODO: check
+CVE-2007-2883 (Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier ...)
+ TODO: check
+CVE-2007-2882 (Unspecified vulnerability in the NFS client module in Sun Solaris 8 ...)
+ TODO: check
+CVE-2007-2881 (Multiple stack-based buffer overflows in the SOCKS proxy support ...)
+ TODO: check
+CVE-2007-2880 (Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 ...)
+ TODO: check
+CVE-2007-2879 (Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk ...)
+ TODO: check
+CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run ...)
+ TODO: check
+CVE-2007-2877 (Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 ...)
+ TODO: check
+CVE-2007-2876
+ RESERVED
+CVE-2007-2875
+ RESERVED
+CVE-2007-2874
+ RESERVED
+CVE-2007-2873
+ RESERVED
+CVE-2007-2872
+ RESERVED
+CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+ TODO: check
+CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+ TODO: check
+CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before ...)
+ TODO: check
+CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox ...)
+ TODO: check
+CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox ...)
+ TODO: check
+CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
+ TODO: check
+CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin ...)
+ TODO: check
+CVE-2007-2864
+ RESERVED
+CVE-2007-2863
+ RESERVED
+CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow ...)
+ TODO: check
+CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple ...)
+ TODO: check
+CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote authenticated ...)
+ TODO: check
+CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 ...)
+ TODO: check
+CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in the ...)
+ TODO: check
+CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in ABC ...)
+ TODO: check
+CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP Compression ...)
+ TODO: check
+CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll ...)
+ TODO: check
+CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in ...)
+ TODO: check
+CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD ...)
+ TODO: check
+CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus before ...)
+ TODO: check
+CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object Library ...)
+ TODO: check
+CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame Presentation ...)
+ TODO: check
+CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open Source) ...)
+ TODO: check
+CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the shComboBox ...)
+ TODO: check
+CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in ...)
+ TODO: check
+CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus ...)
+ TODO: check
+CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus ...)
+ TODO: check
+CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, ...)
+ TODO: check
+CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote ...)
+ TODO: check
+CVE-2007-2842
+ RESERVED
+CVE-2007-2841
+ RESERVED
+CVE-2007-2840
+ RESERVED
+CVE-2007-2839
+ RESERVED
+CVE-2007-2838
+ RESERVED
+CVE-2007-2837
+ RESERVED
+CVE-2007-2836
+ RESERVED
+CVE-2007-2835
+ RESERVED
+CVE-2007-2834
+ RESERVED
+CVE-2007-2833
+ RESERVED
+CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application ...)
+ TODO: check
+CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ...)
+ TODO: check
+CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 ...)
+ TODO: check
+CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in MadWifi ...)
+ TODO: check
+CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php ...)
+ TODO: check
+CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX ...)
+ TODO: check
+CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php in ...)
+ TODO: check
+CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in ...)
+ TODO: check
+CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 ...)
+ TODO: check
+CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow remote ...)
+ TODO: check
+CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, allows ...)
+ TODO: check
+CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress ...)
+ TODO: check
+CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX ...)
+ TODO: check
+CVE-2007-2819 (Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ ...)
+ TODO: check
+CVE-2007-2818 (Cross-site scripting (XSS) vulnerability in cand_login.asp in ...)
+ TODO: check
+CVE-2007-2817 (SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 ...)
+ TODO: check
+CVE-2007-2816 (Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks ...)
+ TODO: check
+CVE-2007-2815 (The &quot;hit-highlighting&quot; functionality in webhits.dll in Microsoft ...)
+ TODO: check
+CVE-2007-2814 (Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX ...)
+ TODO: check
+CVE-2007-2813 (Cisco IOS 12.4 and earlier, when using the crypto packages and SSL ...)
+ TODO: check
+CVE-2007-2812 (Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats ...)
+ TODO: check
+CVE-2007-2811 (Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and ...)
+ TODO: check
+CVE-2007-2810 (SQL injection vulnerability in down_indir.asp in Gazi Download Portal ...)
+ TODO: check
+CVE-2007-2809 (Buffer overflow in the transfer manager in Opera before 9.21 for ...)
+ TODO: check
+CVE-2007-2808 (Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb ...)
+ TODO: check
+CVE-2007-2807 (Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop ...)
+ TODO: check
+CVE-2007-2806 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2007-2805 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2007-2804 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2007-2803 (SQL injection vulnerability in default.asp in Vizayn Urun Tanitim ...)
+ TODO: check
+CVE-2007-2802 (Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in ...)
+ TODO: check
+CVE-2007-2801
+ RESERVED
+CVE-2007-2800
+ RESERVED
+CVE-2007-2799 (Integer overflow in the &quot;file&quot; program 4.20, when running on 32-bit ...)
+ TODO: check
+CVE-2007-2798
+ RESERVED
CVE-2007-XXXX [MadWifi several DoS, one of them remote]
- madwifi 1:0.9.3-2
[etch] - madwifi <no-dsa> (Non-free not supported)
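Review bot: the placeholder entry left as context at the end of this hunk, "CVE-2007-XXXX [MadWifi several DoS, one of them remote]", may now duplicate the three MadWifi ids added just above it (CVE-2007-2831, CVE-2007-2830, CVE-2007-2829), which are all still "TODO: check". Suggest confirming whether they are the same issues and, if so, moving the "- madwifi 1:0.9.3-2" and "[etch] - madwifi <no-dsa>" lines under the assigned ids and dropping the placeholder, so the fix is not tracked twice. The same block also adds CVE-2007-2878 (Linux kernel VFAT compat ioctls) as "TODO: check" while linux-2.6 is tracked elsewhere in this diff; that entry is worth triaging first.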
@@ -250,10 +590,10 @@ CVE-2007-2689 (Check Point Web Intelligence does not properly handle certain ...
NOT-FOR-US: Check Point
CVE-2007-2688 (The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS ...)
NOT-FOR-US: Cisco
-CVE-2007-2687
- RESERVED
-CVE-2007-2686
- RESERVED
+CVE-2007-2687 (Stack-based buffer overflow in the MicroWorld Agent service ...)
+ TODO: check
+CVE-2007-2686 (Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS ...)
+ TODO: check
CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 ...)
NOT-FOR-US: Jetbox CMS
CVE-2007-2684 (Jetbox CMS 2.1 allows remote attackers to obtain sensitive information ...)
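Review bot: CVE-2007-2686 is added with "TODO: check" although it names Jetbox CMS, and the two entries directly below it (CVE-2007-2685, CVE-2007-2684) are already "NOT-FOR-US: Jetbox CMS". Suggest giving it the same marking in this pass; CVE-2007-2687 (MicroWorld Agent service) has no such neighbour and still needs a manual look.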
@@ -317,7 +657,7 @@ CVE-2007-2656 (Stack-based buffer overflow in the Hewlett-Packard (HP) Magview .
NOT-FOR-US: HP
CVE-2007-2655 (Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before ...)
NOT-FOR-US: NetWin
-CVE-2007-2654 (xfs_fsr in xfsdump creates a temporary directory with insecure ...)
+CVE-2007-2654 (xfs_fsr in xfsdump creates a .fsr temporary directory with insecure ...)
- xfsdump 2.2.45-1 (bug #417894; low)
CVE-2007-2653 (Unspecified vulnerability in Vim (Vi IMproved) before 7.1 has ...)
NOT-FOR-US: This is bogus, the annoucement refers to the recently discovered modelines issues
@@ -590,8 +930,8 @@ CVE-2007-2521 (PHP remote file inclusion vulnerability in common.php in E-GADS!
NOT-FOR-US: E-GADS!
CVE-2007-2520
RESERVED
-CVE-2007-2519
- RESERVED
+CVE-2007-2519 (Directory traversal vulnerability in the installer in PEAR 1.0 through ...)
+ TODO: check
CVE-2007-2518
REJECTED
CVE-2007-2517
@@ -738,8 +1078,7 @@ CVE-2007-2453
CVE-2007-2452
RESERVED
- findutils <unfixed> (low; bug #426862)
-CVE-2007-2451 [linux geode-aes security issue]
- RESERVED
+CVE-2007-2451 (Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES ...)
- linux-2.6 2.6.21-3
[etch] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.20)
CVE-2007-2450
@@ -882,16 +1221,16 @@ CVE-2007-2392
RESERVED
CVE-2007-2391
RESERVED
-CVE-2007-2390
- RESERVED
-CVE-2007-2389
- RESERVED
-CVE-2007-2388
- RESERVED
+CVE-2007-2390 (Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows ...)
+ TODO: check
+CVE-2007-2389 (Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear ...)
+ TODO: check
+CVE-2007-2388 (Unspecified vulnerability in Apple QuickTime for Java 7.1.6 on Mac OS ...)
+ TODO: check
CVE-2007-2387
RESERVED
-CVE-2007-2386
- RESERVED
+CVE-2007-2386 (Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 ...)
+ TODO: check
CVE-2007-2385 (The Yahoo! UI framework exchanges data using JavaScript Object ...)
TODO: check yui
NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
@@ -2041,8 +2380,7 @@ CVE-2007-1862
CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
{DSA-1289-1}
- linux-2.6 2.6.21-1
-CVE-2007-1860 [Apache Tomcat JK Connector Information disclosure]
- RESERVED
+CVE-2007-1860 (mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 ...)
- libapache-mod-jk <unfixed> (bug #425836)
CVE-2007-1859 (XScreenSaver 4.10, when using a remote directory service for ...)
- xscreensaver <unfixed> (low)
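Review bot: CVE-2007-1860 now carries a description with an upstream fixed version (mod_jk 1.2.x before 1.2.23), but the tracking line stays "- libapache-mod-jk <unfixed> (bug #425836)" with no urgency, unlike the "(low)" on the xscreensaver entry below it. Suggest adding an urgency and recording in the bug that 1.2.23 is the version to package.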
@@ -3172,8 +3510,8 @@ CVE-2007-1364 (DropAFew before 0.2.1 does not require authorization for certain
NOT-FOR-US: DropAFew
CVE-2007-1363 (Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow ...)
NOT-FOR-US: DropAFew
-CVE-2007-1362
- RESERVED
+CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and ...)
+ TODO: check
CVE-2007-1361 (Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in ...)
NOT-FOR-US: VirtueMart
CVE-2007-1360 (Unspecified vulnerability in the Nodefamily module for Drupal 5.x ...)
@@ -4622,14 +4960,14 @@ CVE-2007-0755
RESERVED
CVE-2007-0754 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
NOT-FOR-US: Apple QuickTime
-CVE-2007-0753
- RESERVED
-CVE-2007-0752
- RESERVED
-CVE-2007-0751
- RESERVED
-CVE-2007-0750
- RESERVED
+CVE-2007-0753 (Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X ...)
+ TODO: check
+CVE-2007-0752 (The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the ...)
+ TODO: check
+CVE-2007-0751 (A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might ...)
+ TODO: check
+CVE-2007-0750 (Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 ...)
+ TODO: check
CVE-2007-0749 (Multiple stack-based buffer overflows in the is_command function in ...)
NOT-FOR-US: Apple Darwin Streaming Server
CVE-2007-0748 (Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using ...)
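Review bot: CVE-2007-0752 should not be closed as NOT-FOR-US by analogy with the Apple entries around it without a check. Its description names the PPP daemon (pppd) as shipped in Mac OS X 10.4.8, so confirm whether the ownership check at fault is Apple-specific or shared with upstream pppd before marking it. The other three additions (vpnd, the crontabs cleanup script, CoreGraphics) read as Mac OS X components and can likely follow the existing "NOT-FOR-US" convention once verified.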
@@ -4648,8 +4986,8 @@ CVE-2007-0742 (The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier
NOT-FOR-US: Apple Mac OS X
CVE-2007-0741 (Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 ...)
NOT-FOR-US: Apple Mac OS X
-CVE-2007-0740
- RESERVED
+CVE-2007-0740 (Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display ...)
+ TODO: check
CVE-2007-0739 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the ...)
NOT-FOR-US: Apple Mac OS X
CVE-2007-0738 (The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not ...)
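Review bot: CVE-2007-0740 (Alias Manager in Apple Mac OS X) is added as "TODO: check" between CVE-2007-0741 and CVE-2007-0739, both of which are already "NOT-FOR-US: Apple Mac OS X". Suggest applying the same marking here so the entry does not sit in the TODO queue.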
@@ -4742,16 +5080,16 @@ CVE-2007-0696 (Cross-site scripting (XSS) vulnerability in error messages in Fre
NOT-FOR-US: Free LAN Intranet Portal
CVE-2007-0695 (Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net ...)
NOT-FOR-US: Free LAN Intranet Portal
-CVE-2007-0694
- RESERVED
-CVE-2007-0693
- RESERVED
-CVE-2007-0692
- RESERVED
+CVE-2007-0694 (Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 ...)
+ TODO: check
+CVE-2007-0693 (SQL injection vulnerability in news.php in DGNews 2.1 allows remote ...)
+ TODO: check
+CVE-2007-0692 (DGNews 2.1 allows remote attackers to obtain sensitive information via ...)
+ TODO: check
CVE-2007-0691
REJECTED
-CVE-2007-0690
- RESERVED
+CVE-2007-0690 (myEvent 1.6 allows remote attackers to obtain sensitive information ...)
+ TODO: check
CVE-2007-0689 (MyBB 1.2.4 allows remote attackers to obtain sensitive information via ...)
NOT-FOR-US: MyBB (aka MyBulletinBoard)
CVE-2007-XXXX [remctl ACL bypass vulnerability]
@@ -5289,8 +5627,8 @@ CVE-2007-0450 (Directory traversal vulnerability in Apache HTTP Server and Tomca
- tomcat5.5 <unfixed> (medium)
CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve ...)
NOT-FOR-US: CA BrightStor
-CVE-2007-0448
- RESERVED
+CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI ...)
+ TODO: check
CVE-2007-0447
RESERVED
CVE-2007-0446 (Stack-based buffer overflow in magentproc.exe for Hewlett-Packard ...)
@@ -5550,8 +5888,8 @@ CVE-2007-0330 (Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipsw
NOT-FOR-US: Ipswitch WS_FTP
CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote ...)
NOT-FOR-US: Joonas Viljanen JV2 Folder Gallery
-CVE-2007-0328
- RESERVED
+CVE-2007-0328 (The DWUpdateService ActiveX control in the agent (agent.exe) in ...)
+ TODO: check
CVE-2007-0327
RESERVED
CVE-2007-0326
@@ -5720,8 +6058,7 @@ CVE-2007-0249 (Cross-site scripting (XSS) vulnerability in index.php in Nwom top
CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers ...)
- squid 2.6.5-4 (low)
[sarge] - squid <not-affected> (Vulnerable code not present)
-CVE-2007-0246 [gforge-plugin-scmcvs missing input sanitising ]
- RESERVED
+CVE-2007-0246 (plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 ...)
{DSA-1297-1}
- gforge-plugin-scmcvs 4.5.14-6
CVE-2007-0245
