author | Joey Hess <joeyh@debian.org> | 2007-01-09 20:14:21 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2007-01-09 20:14:21 +0000 |
commit | f369bafb7dcf971bf74ddfb0b6a2286708db7b77 (patch) | |
tree | 39dd45ada8da80c1a2421358e71b44b8072d384b /data | |
parent | 8ea71d406f36e26b5c2dc699a023fda6c044b98d (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5228 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/1999.list | 2 |
-rw-r--r-- | data/CVE/2003.list | 4 |
-rw-r--r-- | data/CVE/2004.list | 4 |
-rw-r--r-- | data/CVE/2006.list | 134 |
-rw-r--r-- | data/CVE/2007.list | 180 |
5 files changed, 305 insertions, 19 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index ff10da4a1d..98b5794b7d 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -2081,7 +2081,7 @@ CVE-1999-1304 (Vulnerability in login in SCO UNIX 4.2 and earlier allows local u NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1303 (Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker -CVE-1999-1302 (Vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local ...) +CVE-1999-1302 (Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1300 (Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker diff --git a/data/CVE/2003.list b/data/CVE/2003.list index c6225415fd..022ff04b3f 100644 --- a/data/CVE/2003.list +++ b/data/CVE/2003.list @@ -1,3 +1,7 @@ +CVE-2003-1317 (Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 ...) + TODO: check +CVE-2003-1316 (mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive ...) + TODO: check CVE-2003-1315 (SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 ...) NOT-FOR-US: Land Down Under (LDU) CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in ...) diff --git a/data/CVE/2004.list b/data/CVE/2004.list index aeeb93e710..16f5a26fac 100644 --- a/data/CVE/2004.list +++ b/data/CVE/2004.list @@ -1,3 +1,7 @@ +CVE-2004-2671 (mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2004-2670 (Multiple cross-site scripting (XSS) vulnerabilities in mod.php in ...) + TODO: check CVE-2004-2669 (Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 ...) NOT-FOR-US: Land Down Under CVE-2004-2668 (SQL injection vulnerability in Interchange before 4.8.9 allows remote ...) 
diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 1870e65a09..a3e3f63429 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list 
@@ -1,6 +1,108 @@ +CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...) + TODO: check +CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka ...) + TODO: check +CVE-2006-6908 (Buffer overflow in the Bluetooth Stack COM Server in the Widcomm ...) + TODO: check +CVE-2006-6907 (Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown ...) + TODO: check +CVE-2006-6906 (Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and ...) + TODO: check +CVE-2006-6905 (Unspecified vulnerability in the Widcomm Bluetooth stack allows remote ...) + TODO: check +CVE-2006-6904 (Unspecified vulnerability in the Broadcom Bluetooth stack allows ...) + TODO: check +CVE-2006-6903 (Unspecified vulnerability in the Toshiba Bluetooth stack allows remote ...) + TODO: check +CVE-2006-6902 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...) + TODO: check +CVE-2006-6901 (Unspecified vulnerability in the Bluetooth stack in Microsoft Windows ...) + TODO: check +CVE-2006-6900 (Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 ...) + TODO: check +CVE-2006-6899 (hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to ...) + TODO: check +CVE-2006-6898 (Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote ...) + TODO: check +CVE-2006-6897 (Directory traversal vulnerability in Widcomm Bluetooth for Windows ...) + TODO: check +CVE-2006-6896 (The Bluetooth stack in the Plantronic Headset does not properly ...) + TODO: check +CVE-2006-6895 (The Bluetooth stack in the Sony Ericsson T60 does not properly ...) + TODO: check +CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown ...) + TODO: check +CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a hidden ...) + TODO: check +CVE-2006-6892 (Cross-site scripting (XSS) vulnerability in the GetLocation function ...) 
+ TODO: check +CVE-2006-6891 (Vz (Adp) Forum 2.0.3 stores sensitive information under the web root ...) + TODO: check +CVE-2006-6890 (Voodoo chat 1.0RC1b stores sensitive information under the web root ...) + TODO: check +CVE-2006-6889 (FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information ...) + TODO: check +CVE-2006-6888 (P-News 1.16 and 1.17 store sensitive information under the web root ...) + TODO: check +CVE-2006-6887 (Unrestricted file upload vulnerability in logahead UNU 1.0 allows ...) + TODO: check +CVE-2006-6886 (phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-6885 (An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows ...) + TODO: check +CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...) + TODO: check +CVE-2006-6883 (** DISPUTED ** PHP remote file inclusion vulnerability in php4you.php ...) + TODO: check +CVE-2006-6882 (Cross-site scripting (XSS) vulnerability in golden book allows remote ...) + TODO: check +CVE-2006-6881 (Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux ...) + TODO: check +CVE-2006-6880 (Multiple SQL injection vulnerabilities in code/guestadd.php in ...) + TODO: check +CVE-2006-6879 (Unrestricted file upload vulnerability in admin/uploads.php in ...) + TODO: check +CVE-2006-6878 (admin/uploads.php in PHP-Update 2.7 and earlier allows remote ...) + TODO: check +CVE-2006-6877 (Directory traversal vulnerability in index.php in Matteo Lucarelli ...) + TODO: check +CVE-2006-6876 (The fetchsms function in the SMS handling module (libsms_getsms.c) in ...) + TODO: check +CVE-2006-6875 (Buffer overflow in the validateospheader function in the Open ...) + TODO: check +CVE-2006-6874 (Multiple cross-site scripting (XSS) vulnerabilities in friend.php in ...) + TODO: check +CVE-2006-6873 (Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 ...) 
+ TODO: check +CVE-2006-6872 (Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows ...) + TODO: check +CVE-2006-6871 (Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 ...) + TODO: check +CVE-2006-6869 (Directory traversal vulnerability in ...) + TODO: check +CVE-2006-6868 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web ...) + TODO: check +CVE-2006-6867 (Multiple PHP remote file inclusion vulnerabilities in Vladimir ...) + TODO: check +CVE-2006-6866 (STphp EasyNews PRO 4.0 stores sensitive information under the web root ...) + TODO: check +CVE-2006-6865 (Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp ...) + TODO: check +CVE-2006-6864 (PHP remote file inclusion vulnerability in E2_header.inc.php in ...) + TODO: check +CVE-2006-6863 (** DISPUTED ** ...) + TODO: check +CVE-2006-6862 (Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky ...) + TODO: check +CVE-2006-6861 (Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 ...) + TODO: check +CVE-2006-6860 (Buffer overflow in the sendToMythTV function in MythControlServer.c in ...) + TODO: check +CVE-2006-6859 (SQL injection vulnerability in coupon_detail.asp in Website Designs ...) + TODO: check CVE-2006-XXXX [ssmtp password leak] - ssmtp 2.61-10.1 (bug #369542; low) -CVE-2006-6870 [avahi DoS] +CVE-2006-6870 (The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 ...) - avahi 0.6.16-1 CVE-2006-6858 (Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo ...) - miredo 1.0.4-2 (bug #405412; bug #405111) 
@@ -26,7 +128,7 @@ CVE-2006-6848 (SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows NOT-FOR-US: ASPTicker CVE-2006-6847 (An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 ...) NOT-FOR-US: RealPlayer for Windows -CVE-2006-6846 (Multiple SQL injection vulnerabilities in WYWO - InOut Board 1.0 allow ...) +CVE-2006-6846 (Multiple SQL injection vulnerabilities in While You Were Out (WYWO) ...) NOT-FOR-US: WYWO - InOut Board CVE-2006-6845 (Cross-site scripting (XSS) vulnerability in index.php in CMS Made ...) NOT-FOR-US: CMS Made Simple @@ -275,7 +377,7 @@ CVE-2006-6723 (The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 NOT-FOR-US: Microsoft CVE-2006-6722 (Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers ...) NOT-FOR-US: Bandwebsite (aka Bandsite portal system) -CVE-2006-6721 (Cross-site scripting (XSS) vulnerability in shout.php in Knusperleicht ...) +CVE-2006-6721 (Multiple cross-site scripting (XSS) vulnerabilities in shout.php in ...) NOT-FOR-US: Knusperleicht ShoutBox CVE-2006-6720 (PHP remote file inclusion vulnerability in admin/index_sitios.php in ...) NOT-FOR-US: Azucar CMS @@ -1172,8 +1274,8 @@ CVE-2006-6338 (Unrestricted file upload vulnerability in upload/index.php in deV NOT-FOR-US: deV!L`z Clanportal CVE-2006-6337 (Multiple SQL injection vulnerabilities in giris.asp in Aspee and ...) NOT-FOR-US: Aspee Ziyaretci Defteri -CVE-2006-6336 - RESERVED +CVE-2006-6336 (Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) ...) + TODO: check CVE-2006-6335 (Multiple buffer overflows in Sophos Anti-Virus scanning engine before ...) NOT-FOR-US: Sophos Anti-Virus CVE-2006-6334 (Heap-based buffer overflow in the SendChannelData function in wfica.ocx in ...) 
@@ -1211,7 +1313,7 @@ CVE-2006-6320 RESERVED CVE-2006-6319 RESERVED -CVE-2006-6318 (elogd in elog 2.6.2 and earlier allows remote authenticated users to cause a ...) +CVE-2006-6318 (The show_elog_list function in elogd.c in elog 2.6.2 and earlier ...) {DSA-1242-1} CVE-2006-6317 RESERVED @@ -1948,8 +2050,7 @@ CVE-2006-5976 (Multiple SQL injection vulnerabilities in admin_login.asp in Blog NOT-FOR-US: BlogMe CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...) NOT-FOR-US: BlogMe -CVE-2006-5974 [fetchmail DoS] - RESERVED +CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message ...) - fetchmail 6.3.6~rc3-1 CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...) - dovecot 1.0.rc15-1 @@ -2179,8 +2280,7 @@ CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ... CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...) {DSA-1213} - imagemagick 7:6.2.4.5.dfsg1-0.11 -CVE-2006-5867 [fetchmail cannot enforce TLS] - RESERVED +CVE-2006-5867 (fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit ...) - fetchmail 6.3.6~rc5-1 CVE-2006-5866 (Directory traversal vulnerability in Mdoc/view-sourcecode.php for ...) NOT-FOR-US: phpManta @@ -2416,8 +2516,8 @@ CVE-2006-5757 (Race condition in the __find_get_block_slow function in the ISO96 - linux-2.6 <unfixed> (low) CVE-2006-5756 RESERVED -CVE-2006-5755 - RESERVED +CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not ...) + TODO: check CVE-2006-5754 RESERVED CVE-2006-5753 
@@ -5088,7 +5188,7 @@ CVE-2006-4539 ((1) includes/widgets/module_company_tickets.php and (2) ...) CVE-2006-4538 (Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC ...) {DSA-1237 DSA-1233} - linux-2.6 2.6.17-9 -CVE-2006-4537 (NET$SESSION_CONTROL.EXE before 20060825 in DECnet-Plus in OpenVMS ...) +CVE-2006-4537 (NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and ...) NOT-FOR-US: OpenVMS CVE-2006-4536 (SQL injection vulnerability in module/rejestracja.php in CMS Frogss ...) NOT-FOR-US: CMS Frogss @@ -6073,10 +6173,10 @@ CVE-2006-4100 RESERVED CVE-2006-4099 (Business Objects Crystal Enterprise 9 and 10 generates predictable ...) NOT-FOR-US: Business Objects -CVE-2006-4098 - RESERVED -CVE-2006-4097 - RESERVED +CVE-2006-4098 (Stack-based buffer overflow in the CSRadius service in Cisco Secure Access ...) + TODO: check +CVE-2006-4097 (Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure ...) + TODO: check CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to ...) {DSA-1172-1} - bind <not-affected> (Not vulnerable according to CERT advisory) diff --git a/data/CVE/2007.list b/data/CVE/2007.list index 21f580736d..dd227942be 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list 
@@ -1,3 +1,181 @@ +CVE-2007-0139 (Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in ...) + TODO: check +CVE-2007-0138 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...) + TODO: check +CVE-2007-0137 (Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ ...) + TODO: check +CVE-2007-0136 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal before ...) + TODO: check +CVE-2007-0135 (PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix ...) + TODO: check +CVE-2007-0134 (Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow ...) + TODO: check +CVE-2007-0133 (Multiple SQL injection vulnerabilities in display_review.php in ...) + TODO: check +CVE-2007-0132 (SQL injection vulnerability in compare_product.php in iGeneric iG Shop ...) + TODO: check +CVE-2007-0131 (JAMWiki before 0.5.0 does not properly check permissions during moves ...) + TODO: check +CVE-2007-0130 (SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 ...) + TODO: check +CVE-2007-0129 (SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and ...) + TODO: check +CVE-2007-0128 (SQL injection vulnerability in info_book.asp in Digirez 3.4 and ...) + TODO: check +CVE-2007-0127 (The Javascript SVG support in Opera before 9.10 does not properly ...) + TODO: check +CVE-2007-0126 (Heap-based buffer overflow in Opera 9.02 allows remote attackers to ...) + TODO: check +CVE-2007-0125 (Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux ...) + TODO: check +CVE-2007-0124 (Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before ...) + TODO: check +CVE-2007-0123 (Unrestricted file upload vulnerability in Uber Uploader 4.2 allows ...) + TODO: check +CVE-2007-0122 (Multiple SQL injection vulnerabilities in Coppermine Photo Gallery ...) + TODO: check +CVE-2007-0121 (Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 ...) 
+ TODO: check +CVE-2007-0120 (Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and ...) + TODO: check +CVE-2007-0119 (Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 ...) + TODO: check +CVE-2007-0118 (Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow ...) + TODO: check +CVE-2007-0117 (DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X ...) + TODO: check +CVE-2007-0116 (Digger Solutions Intranet Open Source (IOS) stores sensitive ...) + TODO: check +CVE-2007-0115 (Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 ...) + TODO: check +CVE-2007-0114 (Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote ...) + TODO: check +CVE-2007-0113 (Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote ...) + TODO: check +CVE-2007-0112 (SQL injection vulnerability in cats.asp in createauction allows remote ...) + TODO: check +CVE-2007-0111 (Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as ...) + TODO: check +CVE-2007-0110 (Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell ...) + TODO: check +CVE-2007-0109 (wp-login.php in WordPress 2.0.5 and earlier displays different error ...) + TODO: check +CVE-2007-0108 (nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not ...) + TODO: check +CVE-2007-0107 (WordPress before 2.0.6, when mbstring is enabled for PHP, decodes ...) + TODO: check +CVE-2007-0106 (Cross-site scripting (XSS) vulnerability in the CSRF protection scheme ...) + TODO: check +CVE-2007-0105 (Stack-based buffer overflow in the CSAdmin service in Cisco Secure ...) + TODO: check +CVE-2007-0104 (The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, ...) + TODO: check +CVE-2007-0103 (The Adobe PDF specification 1.3, as implemented by Adobe Acrobat ...) + TODO: check +CVE-2007-0102 (The Adobe PDF specification 1.3, as implemented by Apple Mac OS X ...) 
+ TODO: check +CVE-2007-0101 (Cross-site request forgery (CSRF) vulnerability in SPINE allows remote ...) + TODO: check +CVE-2007-0100 (The Perforce client does not restrict the set of files that it ...) + TODO: check +CVE-2007-0099 (Race condition in the msxml3 module in Microsoft Internet Explorer 6 ...) + TODO: check +CVE-2007-0098 (Directory traversal vulnerability in language.php in VerliAdmin 0.3 ...) + TODO: check +CVE-2007-0097 (Multiple stack-based buffer overflows in the (1) LoadTree and (2) ...) + TODO: check +CVE-2007-0096 (CarbonCommunities stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2007-0094 (Sven Moderow GuestBook 0.3a stores sensitive information under the web ...) + TODO: check +CVE-2007-0093 (SQL injection vulnerability in page.php in Simple Web Content ...) + TODO: check +CVE-2007-0092 (SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 ...) + TODO: check +CVE-2007-0091 (newsCMSlite stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0090 (WineGlass stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0089 (jgbbs stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0088 (Multiple directory traversal vulnerabilities in openmedia allow remote ...) + TODO: check +CVE-2007-0087 (** DISPUTED ** ...) + TODO: check +CVE-2007-0086 (** DISPUTED ** ...) + TODO: check +CVE-2007-0085 (Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics ...) + TODO: check +CVE-2007-0084 (** DISPUTED ** ...) + TODO: check +CVE-2007-0083 (Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier ...) + TODO: check +CVE-2007-0082 (users_adm/start1.php in IMGallery 2.5 and earlier does not properly ...) + TODO: check +CVE-2007-0081 (Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and ...) 
+ TODO: check +CVE-2007-0080 (Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 ...) + TODO: check +CVE-2007-0079 (rblog stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0078 (BattleBlog stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0077 (lblog stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0076 (Openforum stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0075 (AspBB stores sensitive information under the web root with ...) + TODO: check +CVE-2007-0074 + RESERVED +CVE-2007-0073 + RESERVED +CVE-2007-0072 + RESERVED +CVE-2007-0071 + RESERVED +CVE-2007-0070 + RESERVED +CVE-2007-0069 + RESERVED +CVE-2007-0068 + RESERVED +CVE-2007-0067 + RESERVED +CVE-2007-0066 + RESERVED +CVE-2007-0065 + RESERVED +CVE-2007-0064 + RESERVED +CVE-2007-0063 + RESERVED +CVE-2007-0062 + RESERVED +CVE-2007-0061 + RESERVED +CVE-2007-0060 + RESERVED +CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 ...) + TODO: check +CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...) + TODO: check +CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through ...) + TODO: check +CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe ...) + TODO: check +CVE-2007-0055 (Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in ...) + TODO: check +CVE-2007-0054 (Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior ...) + TODO: check +CVE-2007-0053 (SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer ...) + TODO: check +CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows ...) + TODO: check +CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and possibly ...) 
+ TODO: check CVE-2007-XXXX [CenterICQ buffer overflow] - centericq 4.21.0-17 NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051663.html @@ -79,7 +257,7 @@ CVE-2007-0019 RESERVED CVE-2007-0018 RESERVED -CVE-2007-0017 (Format string vulnerability in VideoLAN VLC 0.8.6 allows user-assisted ...) +CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler ...) - vlc 0.8.6-svn20061012.debian-1.2 (bug #405425; medium) CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...) NOT-FOR-US: MoviePlay |
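Review bot: In data/CVE/2006.list, the CVE-2006-5974 entry now has a description stating that fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4 are affected, but the retained package line still reads "- fetchmail 6.3.6~rc3-1", which is earlier than rc4. Please confirm that 6.3.6~rc3-1 really carries the fix and add a NOTE saying how, or correct the fixed version. The neighbouring CVE-2006-5867 line ("- fetchmail 6.3.6~rc5-1") is consistent with its own "before 6.3.6-rc4" description, so only this entry needs attention.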
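Review bot: CVE-2006-5755 in data/CVE/2006.list moves from RESERVED to a bare "TODO: check" even though its new description names the Linux kernel before 2.6.18 on x86_64, and other entries in the same file already track the kernel with "- linux-2.6 ..." lines (CVE-2006-5757, CVE-2006-4538). This one should be triaged ahead of the generic TODO queue: follow up with a "- linux-2.6" line carrying the fixed version, or an explicit not-affected note.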
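Review bot: The added CVE-2006-6910 line in data/CVE/2006.list and the added CVE-2007-0138 line in data/CVE/2007.list carry the same truncated description, "formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...", which suggests two ids were assigned to one issue. When these TODO entries are triaged, compare the full descriptions, give both the same disposition, and add a NOTE recording the duplicate on each so that they are not checked in isolation.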
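Review bot: The CVE-2007-0017 change in data/CVE/2007.list widens the description from a single format string vulnerability in VideoLAN VLC 0.8.6 to multiple ones beginning with "(1) the cdio_log_handler ...", while the package line "- vlc 0.8.6-svn20061012.debian-1.2 (bug #405425; medium)" is left unchanged. Please verify that the recorded fixed version covers every function listed in the revised description, and add a NOTE once that has been checked.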