author | Joey Hess <joeyh@debian.org> | 2007-07-13 09:14:07 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2007-07-13 09:14:07 +0000 |
commit | 48848a9adbb07ac6965ce2186f591b55dc3641f8 (patch) | |
tree | 4ebc93f9902f3569558b879ba003f15f28f78b32 /data | |
parent | 55c6cb1916bc6e846bfaf418f08cfc600785f157 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@6140 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/1999.list | 2 |
-rw-r--r-- | data/CVE/2005.list | 3 |
-rw-r--r-- | data/CVE/2006.list | 16 |
-rw-r--r-- | data/CVE/2007.list | 188 |
4 files changed, 191 insertions, 18 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index b0c2fa5ed8..878f4a5dfb 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -1,3 +1,5 @@ +CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on ...) + TODO: check CVE-1999-1591 (Microsoft Internet Information Services (IIS) server 4.0 SP4, without ...) TODO: check CVE-1999-1590 (Directory traversal vulnerability in Muhammad A. Muquit wwwcount ...) diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 4de28e0da6..8b2010c0ea 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -2891,7 +2891,8 @@ CVE-2005-3563 REJECTED CVE-2005-3562 REJECTED -CVE-2005-3561 ( ...) +CVE-2005-3561 + REJECTED NOT-FOR-US: ATutor CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...) NOT-FOR-US: Zone Labs diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 96ab33e924..dc844525f3 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -4259,14 +4259,14 @@ CVE-2006-5276 (Stack-based buffer overflow in the DCE/RPC preprocessor in Snort - snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor) CVE-2006-5275 RESERVED -CVE-2006-5274 - RESERVED -CVE-2006-5273 - RESERVED -CVE-2006-5272 - RESERVED -CVE-2006-5271 - RESERVED +CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...) + TODO: check +CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...) + TODO: check +CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...) + TODO: check +CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...) + TODO: check CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...) NOT-FOR-US: Microsoft CVE-2006-5269 diff --git a/data/CVE/2007.list b/data/CVE/2007.list index aa3c1d3500..7fb9a1ce2f 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list 
@@ -1,3 +1,173 @@ +CVE-2007-3761 + RESERVED +CVE-2007-3760 + RESERVED +CVE-2007-3759 + RESERVED +CVE-2007-3758 + RESERVED +CVE-2007-3757 + RESERVED +CVE-2007-3756 + RESERVED +CVE-2007-3755 + RESERVED +CVE-2007-3754 + RESERVED +CVE-2007-3753 + RESERVED +CVE-2007-3752 + RESERVED +CVE-2007-3751 + RESERVED +CVE-2007-3750 + RESERVED +CVE-2007-3749 + RESERVED +CVE-2007-3748 + RESERVED +CVE-2007-3747 + RESERVED +CVE-2007-3746 + RESERVED +CVE-2007-3745 + RESERVED +CVE-2007-3744 + RESERVED +CVE-2007-3743 + RESERVED +CVE-2007-3742 + RESERVED +CVE-2007-3741 + RESERVED +CVE-2007-3740 + RESERVED +CVE-2007-3739 + RESERVED +CVE-2007-3738 + RESERVED +CVE-2007-3737 + RESERVED +CVE-2007-3736 + RESERVED +CVE-2007-3735 + RESERVED +CVE-2007-3734 + RESERVED +CVE-2007-3733 + RESERVED +CVE-2007-3732 + RESERVED +CVE-2007-3731 + RESERVED +CVE-2007-3730 (The default configuration of the POP server in TCP/IP Services 5.6 for ...) + TODO: check +CVE-2007-3729 (The default configuration of the POP server in TCP/IP Services 5.6 for ...) + TODO: check +CVE-2007-3728 (Buffer overflow in lib/silcclient/client_notify.c of SILC Client and ...) + TODO: check +CVE-2007-3727 (Multiple unspecified vulnerabilities in Webmatic before 2.7 have ...) + TODO: check +CVE-2007-3726 (Integer signedness error in the SET_VALUE function in rarvm.cpp in ...) + TODO: check +CVE-2007-3725 (The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows ...) + TODO: check +CVE-2007-3724 (The process scheduler in the Microsoft Windows XP kernel does not make ...) + TODO: check +CVE-2007-3723 (The process scheduler in the Sun Solaris kernel does not make use of ...) + TODO: check +CVE-2007-3722 (The 4BSD process scheduler in the FreeBSD kernel performs scheduling ...) + TODO: check +CVE-2007-3721 (The ULE process scheduler in the FreeBSD kernel gives preference to ...) + TODO: check +CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...) 
+ TODO: check +CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...) + TODO: check +CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...) + TODO: check +CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...) + TODO: check +CVE-2007-3716 (The Java XML Digital Signature implementation in Sun JDK and JRE 6 ...) + TODO: check +CVE-2007-3715 (Sun Java System Application Server and Web Server 7.0 through 9.0 ...) + TODO: check +CVE-2007-3714 (Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 ...) + TODO: check +CVE-2007-3713 (Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow ...) + TODO: check +CVE-2007-3712 (Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ...) + TODO: check +CVE-2007-3711 (Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x ...) + TODO: check +CVE-2007-3710 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2007-3709 (CRLF injection vulnerability in the redirect function in ...) + TODO: check +CVE-2007-3708 (Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before ...) + TODO: check +CVE-2007-3707 (Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 ...) + TODO: check +CVE-2007-3706 (The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 ...) + TODO: check +CVE-2007-3705 (SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to ...) + TODO: check +CVE-2007-3704 (Entertainment CMS allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2007-3703 (Stack-based buffer overflow in a certain ActiveX control in sasatl.dll ...) + TODO: check +CVE-2007-3702 (Directory traversal vulnerability in the load function in ...) + TODO: check +CVE-2007-3701 (TippingPoint IPS before 20070710 does not properly handle a ...) 
+ TODO: check +CVE-2007-3700 (Sun Java System Access Manager (formerly Java System Identity Server) ...) + TODO: check +CVE-2007-3699 + RESERVED +CVE-2007-3698 (The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 ...) + TODO: check +CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in ...) + TODO: check +CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model ...) + TODO: check +CVE-2007-3695 (Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly ...) + TODO: check +CVE-2007-3694 + RESERVED +CVE-2007-3693 (Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built ...) + TODO: check +CVE-2007-3692 (Directory traversal vulnerability in download.cgi in EZFactory KDDI ...) + TODO: check +CVE-2007-3691 (Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial ...) + TODO: check +CVE-2007-3690 (The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal ...) + TODO: check +CVE-2007-3689 (The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal ...) + TODO: check +CVE-2007-3688 (Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear ...) + TODO: check +CVE-2007-3687 (SQL injection vulnerability in inferno.php in the Inferno Technologies ...) + TODO: check +CVE-2007-3686 (CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating ...) + TODO: check +CVE-2007-3685 (Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive ...) + TODO: check +CVE-2007-3684 (Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating ...) + TODO: check +CVE-2007-3683 (SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and ...) + TODO: check +CVE-2007-3682 (SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier ...) + TODO: check +CVE-2007-3681 (The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in ...) 
+ TODO: check +CVE-2007-3680 (Stack-based buffer overflow in the odm_searchpath function in libodm ...) + TODO: check +CVE-2007-3679 + RESERVED +CVE-2007-3678 (Stack-based buffer overflow in the MSWord text-import extension (Word ...) + TODO: check +CVE-2007-3677 (Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow ...) + TODO: check CVE-2007-3676 RESERVED CVE-2007-3675 @@ -68,7 +238,7 @@ CVE-2007-3644 - libarchive <unfixed> (bug #432924; low) CVE-2007-3643 (admin/index.php in AV Arcade 2.1b grants administrative privileges ...) TODO: check -CVE-2007-3642 (The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c ...) +CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c ...) TODO: check CVE-2007-3641 RESERVED @@ -342,8 +512,8 @@ CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox 1.5 TODO: check CVE-2007-3510 RESERVED -CVE-2007-3509 - RESERVED +CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...) + TODO: check CVE-2007-3508 (** DISPUTED ** ...) - glibc 2.6-2 (unimportant; bug #431858) NOTE: Not security-relevant @@ -355,7 +525,7 @@ CVE-2007-3506 (The ft_bitmap_assure_buffer function in src/base/ftbimap.c in Fre [etch] - freetype <not-affected> (Vulnerable code introduced in 2.3.x) CVE-2007-3505 (Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 ...) NOT-FOR-US: QuickTalk forum -CVE-2007-3504 (Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java ...) +CVE-2007-3504 (Directory traversal vulnerability in the PersistenceService in Sun ...) - sun-java5 <not-affected> NOTE: Sun Alert ID 102957 says issue is Windows only CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML ...) 
@@ -462,10 +632,10 @@ CVE-2007-3459 (A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax NOT-FOR-US: Civitech Avax Vector CVE-2007-3458 (The libsldap library in Sun Solaris 8, 9, and 10 allows local users to ...) NOT-FOR-US: Sun Solaris libsldap -CVE-2007-3457 - RESERVED -CVE-2007-3456 - RESERVED +CVE-2007-3457 (Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP ...) + TODO: check +CVE-2007-3456 (Unspecified vulnerability in Adobe Flash Player 9.0.45.0 and earlier ...) + TODO: check CVE-2007-3455 (cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan ...) NOT-FOR-US: Trend Micro OfficeScan Corporate Edition CVE-2007-3454 (Buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro ...) @@ -4247,7 +4417,7 @@ CVE-2007-1756 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Of TODO: check CVE-2007-1755 RESERVED -CVE-2007-1754 (Microsoft Office Publisher 2007 does not properly clear memory when ...) +CVE-2007-1754 (PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear ...) TODO: check CVE-2007-1753 RESERVED |
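Review bot: In the data/CVE/2005.list hunk, CVE-2005-3561 becomes `REJECTED` but the unchanged context line `NOT-FOR-US: ATutor` still follows it, so the entry now carries both a rejected state and a triage annotation. The neighbouring rejected entries in the same hunk (CVE-2005-3563, CVE-2005-3562) have no annotation; drop the `NOT-FOR-US` line in a follow-up, or confirm that whatever parses this list accepts an annotation under a rejected entry.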
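Review bot: The `- sun-java5 <not-affected>` line and the Sun Alert ID 102957 note under CVE-2007-3504 (hunk `@@ -355,7 +525,7 @@` of data/CVE/2007.list) were written against the old description, which this update replaces with a directory traversal in the PersistenceService. Re-check that the not-affected status and the "Windows only" note still match the reworded issue, since an automatic description change leaves manual triage untouched.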
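Review bot: Triage priority is not visible in the first data/CVE/2007.list hunk, where every newly described entry lands as `TODO: check` with no package line. The entries for CVE-2007-3728 (SILC Client), CVE-2007-3725 (ClamAV) and CVE-2007-3720 and CVE-2007-3719 (Linux kernel), along with the corrected CVE-2007-3642 (`net/netfilter/nf_conntrack_h323_asn1.c`), name open-source components rather than the proprietary products that get `NOT-FOR-US` in the context lines (Microsoft, Zone Labs, Trend Micro), so they should be checked first and given package lines.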