author Steffen Joeris <white@debian.org> 2007-09-03 12:19:55 +0000
committer Steffen Joeris <white@debian.org> 2007-09-03 12:19:55 +0000
commit 992c697a1b2a710603bfd1d4fa5d97bf6bb6917f
tree 17e749f46f17e3c91c0184db84472c8f3dd3cdad /data/DTSA/advs
parent 3be9733cae104edce547dbd59d44cfb7a2487943
Add missing .adv files for DTSA 54 and 55
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@6477 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- data/DTSA/advs/54-poppler.adv 21
-rw-r--r-- data/DTSA/advs/55-centerim.adv 22
2 files changed, 43 insertions, 0 deletions
diff --git a/data/DTSA/advs/54-poppler.adv b/data/DTSA/advs/54-poppler.adv
new file mode 100644
index 0000000000..77d750c10d
--- /dev/null
+++ b/data/DTSA/advs/54-poppler.adv
@@ -0,0 +1,21 @@
+source: poppler
+date: August 22nd , 2007
+author: Steffen Joeris
+vuln-type: integer overflow
+problem-scope: local (remote)
+debian-specifc: no
+cve: CVE-2007-3387
+vendor-advisory:
+testing-fix: 0.5.4-6lenny1
+sid-fix: 0.5.4-6.1
+upgrade: apt-get upgrade
+
+It was discovered that an integer overflow in the xpdf PDF viewer may lead
+to the execution of arbitrary code if a malformed PDF file is opened.
+
+CVE-2007-3387
+
+Integer overflow in the StreamPredictor::StreamPredictor function in gpdf
+before 2.8.2, as used in (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics,
+(5) CUPS, and other products, might allow remote attackers to execute
+arbitrary code via a crafted PDF file.
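Review bot: The summary paragraph says the overflow is "in the xpdf PDF viewer", but this advisory's `source:` is poppler, so a user reading DTSA 54 cannot tell from the summary that their poppler package is the one affected. The quoted CVE text lists poppler as one of the products using the vulnerable StreamPredictor::StreamPredictor function; the summary should name poppler in the same way. Separately, `problem-scope: local (remote)` sits awkwardly next to the CVE wording "remote attackers ... via a crafted PDF file"; a short phrase such as "requires the user to open a malformed PDF" would make the intended meaning explicit. The date line also has a stray space before the comma ("August 22nd , 2007").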
diff --git a/data/DTSA/advs/55-centerim.adv b/data/DTSA/advs/55-centerim.adv
new file mode 100644
index 0000000000..1fb37cbc8b
--- /dev/null
+++ b/data/DTSA/advs/55-centerim.adv
@@ -0,0 +1,22 @@
+source: centerim
+date: September 1st , 2007
+author: Steffen Joeris
+vuln-type: buffer overflows
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-3713
+vendor-advisory:
+testing-fix: 4.22.1-2lenny1
+sid-fix: 4.22.1-2.1
+upgrade: apt-get upgrade
+
+It was discovered that there are multiple buffer overflows, which could lead
+to the execution of arbitrary code.
+
+CVE-2007-3713
+
+Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow
+remote attackers to execute arbitrary code via unspecified vectors.
+NOTE: the provenance of this information is unknown; the details are
+obtained solely from third party information. NOTE: this might overlap
+CVE-2007-0160.
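Review bot: The quoted CVE text covers "Konst CenterICQ 4.9.11 through 4.21", while this advisory is for `source: centerim` with `testing-fix: 4.22.1-2lenny1`, a different product name and a version outside the stated range. The summary paragraph should say why the centerim package is affected, and it should name the package at all: "there are multiple buffer overflows" currently does not say where. Also note that the key `debian-specifc` is spelled this way in both new files; please confirm that this is the spelling the tooling that reads .adv files expects, and that the empty `vendor-advisory:` field is intentional.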
