[Secure-testing-commits] r2994 - data/CVE

Joey Hess joeyh at costa.debian.org
Sat Dec 10 09:14:23 UTC 2005


Author: joeyh
Date: 2005-12-10 09:14:18 +0000 (Sat, 10 Dec 2005)
New Revision: 2994

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-12-09 21:14:22 UTC (rev 2993)
+++ data/CVE/list	2005-12-10 09:14:18 UTC (rev 2994)
@@ -1,3 +1,98 @@
+CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
+	TODO: check
+CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
+	TODO: check
+CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...)
+	TODO: check
+CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...)
+	TODO: check
+CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...)
+	TODO: check
+CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...)
+	TODO: check
+CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...)
+	TODO: check
+CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon up to 0.9 ...)
+	TODO: check
+CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
+	TODO: check
+CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, ...)
+	TODO: check
+CVE-2005-4131 (** UNVERIFIABLE, PRERELEASE ** ...)
+	TODO: check
+CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...)
+	TODO: check
+CVE-2005-4129
+	REJECTED
+	TODO: check
+CVE-2005-4128 (** UNVERIFIABLE, PRERELEASE ** ...)
+	TODO: check
+CVE-2005-4127 (** UNVERIFIABLE, PRERELEASE ** ...)
+	TODO: check
+CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...)
+	TODO: check
+CVE-2005-4125
+	RESERVED
+CVE-2005-4124
+	RESERVED
+CVE-2005-4123
+	RESERVED
+CVE-2005-4122
+	RESERVED
+CVE-2005-4121
+	RESERVED
+CVE-2005-4120
+	RESERVED
+CVE-2005-4119
+	RESERVED
+CVE-2005-4118
+	RESERVED
+CVE-2005-4117
+	RESERVED
+CVE-2005-4116
+	RESERVED
+CVE-2005-4115
+	RESERVED
+CVE-2005-4114
+	RESERVED
+CVE-2005-4113
+	RESERVED
+CVE-2005-4112
+	RESERVED
+CVE-2005-4111
+	RESERVED
+CVE-2005-4110
+	RESERVED
+CVE-2005-4109
+	RESERVED
+CVE-2005-4108
+	RESERVED
+CVE-2005-4107
+	RESERVED
+CVE-2005-4106
+	RESERVED
+CVE-2005-4105
+	RESERVED
+CVE-2005-4104
+	RESERVED
+CVE-2005-4103
+	RESERVED
+CVE-2005-4102
+	RESERVED
+CVE-2005-4101
+	RESERVED
+CVE-2005-4100
+	RESERVED
+CVE-2005-4099
+	RESERVED
+CVE-2005-4098
+	RESERVED
+CVE-2005-4097
+	RESERVED
+CVE-2005-4096
+	RESERVED
+CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...)
+	TODO: check
 CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...)
 	NOT-FOR-US: DoceboLMS
 CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...)
@@ -4,7 +99,7 @@
 	NOT-FOR-US: DoceboLMS
 CVE-2005-4093 (Unspecified vulnerability in Check Point VPN-1 SecureClient NG with ...)
 	NOT-FOR-US: Check Point
-CVE-2005-4092 (Heap-based buffer overflow in Apple QuickTime Player 7.0.3 and iTunes ...)
+CVE-2005-4092 (** UNVERIFIABLE, PRERELEASE ** ...)
 	NOT-FOR-US: Apple QuickTime
 CVE-2005-4091 (Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script ...)
 	NOT-FOR-US: 1-Script 1-Search
@@ -825,7 +920,7 @@
 	- phpgroupware 0.9.14.007
 CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge2
-CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel before ...)
+CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...)
 	[sarge] - kernel-source-2.6.8 2.6.8-16sarge2 
 CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
 	- pmwiki <itp> (bug #330117)
@@ -1403,7 +1498,7 @@
 	NOT-FOR-US: ATutor 
 CVE-2005-3562 (Direct code injection vulnerability in ATutor 1.5.1 allows remote ...)
 	NOT-FOR-US: ATutor 
-CVE-2005-3561 (SQL injection vulnerability in password_reminder.php in ATutor before ...)
+CVE-2005-3561 ( ...)
 	NOT-FOR-US: ATutor 
 CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...)
 	NOT-FOR-US: Zone Labs
@@ -6193,9 +6288,9 @@
 	NOT-FOR-US: MailEnable
 CVE-2005-2222 (Unknown vulnerability in the HTTPMail service in MailEnable Professional ...)
 	NOT-FOR-US: MailEnable
-CVE-2005-2221 (** DISPUTED ** Multiple SQL injection vulnerabilities in Dragonfly ...)
+CVE-2005-2221 (** DISPUTED ** ...)
 	NOT-FOR-US: Dragonfly
-CVE-2005-2220 (** DISPUTED ** Dragonfly Commerce allows remote attackers to change a ...)
+CVE-2005-2220 (** DISPUTED ** ...)
 	NOT-FOR-US: Dragonfly
 CVE-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...)
 	NOT-FOR-US: Hosting Controller
@@ -10803,7 +10898,7 @@
 	NOT-FOR-US: SurgeFTP
 CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive information ...)
 	NOT-FOR-US: CubeCart
-CVE-2005-1032 (** DISPUTED ** NOTE: the vendor has disputed this issue.  SQL ...)
+CVE-2005-1032 (** DISPUTED ** ...)
 	NOT-FOR-US: LiteCommerce
 CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), ...)
 	NOT-FOR-US: exoops




More information about the Secure-testing-commits mailing list