[Secure-testing-commits] r2994 - data/CVE
Joey Hess
joeyh at costa.debian.org
Sat Dec 10 09:14:23 UTC 2005
Author: joeyh
Date: 2005-12-10 09:14:18 +0000 (Sat, 10 Dec 2005)
New Revision: 2994
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-09 21:14:22 UTC (rev 2993)
+++ data/CVE/list 2005-12-10 09:14:18 UTC (rev 2994)
@@ -1,3 +1,98 @@
+CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
+ TODO: check
+CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
+ TODO: check
+CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...)
+ TODO: check
+CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...)
+ TODO: check
+CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...)
+ TODO: check
+CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...)
+ TODO: check
+CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...)
+ TODO: check
+CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon up to 0.9 ...)
+ TODO: check
+CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
+ TODO: check
+CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, ...)
+ TODO: check
+CVE-2005-4131 (** UNVERIFIABLE, PRERELEASE ** ...)
+ TODO: check
+CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...)
+ TODO: check
+CVE-2005-4129
+ REJECTED
+ TODO: check
+CVE-2005-4128 (** UNVERIFIABLE, PRERELEASE ** ...)
+ TODO: check
+CVE-2005-4127 (** UNVERIFIABLE, PRERELEASE ** ...)
+ TODO: check
+CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...)
+ TODO: check
+CVE-2005-4125
+ RESERVED
+CVE-2005-4124
+ RESERVED
+CVE-2005-4123
+ RESERVED
+CVE-2005-4122
+ RESERVED
+CVE-2005-4121
+ RESERVED
+CVE-2005-4120
+ RESERVED
+CVE-2005-4119
+ RESERVED
+CVE-2005-4118
+ RESERVED
+CVE-2005-4117
+ RESERVED
+CVE-2005-4116
+ RESERVED
+CVE-2005-4115
+ RESERVED
+CVE-2005-4114
+ RESERVED
+CVE-2005-4113
+ RESERVED
+CVE-2005-4112
+ RESERVED
+CVE-2005-4111
+ RESERVED
+CVE-2005-4110
+ RESERVED
+CVE-2005-4109
+ RESERVED
+CVE-2005-4108
+ RESERVED
+CVE-2005-4107
+ RESERVED
+CVE-2005-4106
+ RESERVED
+CVE-2005-4105
+ RESERVED
+CVE-2005-4104
+ RESERVED
+CVE-2005-4103
+ RESERVED
+CVE-2005-4102
+ RESERVED
+CVE-2005-4101
+ RESERVED
+CVE-2005-4100
+ RESERVED
+CVE-2005-4099
+ RESERVED
+CVE-2005-4098
+ RESERVED
+CVE-2005-4097
+ RESERVED
+CVE-2005-4096
+ RESERVED
+CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...)
+ TODO: check
CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...)
NOT-FOR-US: DoceboLMS
CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...)
@@ -4,7 +99,7 @@
NOT-FOR-US: DoceboLMS
CVE-2005-4093 (Unspecified vulnerability in Check Point VPN-1 SecureClient NG with ...)
NOT-FOR-US: Check Point
-CVE-2005-4092 (Heap-based buffer overflow in Apple QuickTime Player 7.0.3 and iTunes ...)
+CVE-2005-4092 (** UNVERIFIABLE, PRERELEASE ** ...)
NOT-FOR-US: Apple QuickTime
CVE-2005-4091 (Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script ...)
NOT-FOR-US: 1-Script 1-Search
@@ -825,7 +920,7 @@
- phpgroupware 0.9.14.007
CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)
[sarge] - kernel-source-2.6.8 2.6.8-16sarge2
-CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel before ...)
+CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...)
[sarge] - kernel-source-2.6.8 2.6.8-16sarge2
CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
- pmwiki <itp> (bug #330117)
@@ -1403,7 +1498,7 @@
NOT-FOR-US: ATutor
CVE-2005-3562 (Direct code injection vulnerability in ATutor 1.5.1 allows remote ...)
NOT-FOR-US: ATutor
-CVE-2005-3561 (SQL injection vulnerability in password_reminder.php in ATutor before ...)
+CVE-2005-3561 ( ...)
NOT-FOR-US: ATutor
CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...)
NOT-FOR-US: Zone Labs
@@ -6193,9 +6288,9 @@
NOT-FOR-US: MailEnable
CVE-2005-2222 (Unknown vulnerability in the HTTPMail service in MailEnable Professional ...)
NOT-FOR-US: MailEnable
-CVE-2005-2221 (** DISPUTED ** Multiple SQL injection vulnerabilities in Dragonfly ...)
+CVE-2005-2221 (** DISPUTED ** ...)
NOT-FOR-US: Dragonfly
-CVE-2005-2220 (** DISPUTED ** Dragonfly Commerce allows remote attackers to change a ...)
+CVE-2005-2220 (** DISPUTED ** ...)
NOT-FOR-US: Dragonfly
CVE-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...)
NOT-FOR-US: Hosting Controller
@@ -10803,7 +10898,7 @@
NOT-FOR-US: SurgeFTP
CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: CubeCart
-CVE-2005-1032 (** DISPUTED ** NOTE: the vendor has disputed this issue. SQL ...)
+CVE-2005-1032 (** DISPUTED ** ...)
NOT-FOR-US: LiteCommerce
CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), ...)
NOT-FOR-US: exoops
More information about the Secure-testing-commits
mailing list