[Secure-testing-commits] r3745 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Tue Apr 4 14:59:02 UTC 2006
Author: jmm-guest
Date: 2006-04-04 14:58:55 +0000 (Tue, 04 Apr 2006)
New Revision: 3745
Modified:
data/CVE/list
Log:
NFUs
mantis sucks
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-04 14:46:23 UTC (rev 3744)
+++ data/CVE/list 2006-04-04 14:58:55 UTC (rev 3745)
@@ -1,45 +1,43 @@
-begin claimed by jmm
CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...)
- TODO: check
+ NOT-FOR-US: Egypt SiteMan
CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...)
- TODO: check
+ NOT-FOR-US: MonAlbum
CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser ...)
- TODO: check
+ NOT-FOR-US: Warcraft III Replay
CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...)
- TODO: check
+ NOT-FOR-US: Warcraft III Replay
CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg ...)
- TODO: check
+ NOT-FOR-US: Blank'N'Berg
CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 ...)
- TODO: check
+ NOT-FOR-US: Blank'N'Berg
CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 ...)
- TODO: check
+ NOT-FOR-US: Bugzero
CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board ...)
- TODO: check
+ NOT-FOR-US: Dynamic Bulletin Board System
CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...)
- TODO: check
+ NOT-FOR-US: Keystone Digital Library Suite
CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ - mantis <unfixed>
CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: QLnews
CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
- TODO: check
+ NOT-FOR-US: QLnews
CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, ...)
- TODO: check
+ NOT-FOR-US: Groupmax World Wide Web et. al.
CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash ...)
- TODO: check
+ NOT-FOR-US: MediaSlash Gallery
CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Oxygen
CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in ...)
- TODO: check
+ NOT-FOR-US: qliteNews
CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 ...)
- TODO: check
+ NOT-FOR-US: Esqlanelapse
CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote ...)
- TODO: check
+ NOT-FOR-US: RedCMS
CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
- TODO: check
+ NOT-FOR-US: RedCMS
CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: SiteSearch Indexer
CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in ...)
- libtunepimp 0.4.2-3 (bug #359241; low)
[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
@@ -49,6 +47,7 @@
CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...)
- subversion 1.3.0-5 (bug #359234; low)
[sarge] - subversion <not-affected> (No rpaths set in Sarge)
+begin claimed by jmm
CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...)
TODO: check
CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
@@ -77,6 +76,7 @@
RESERVED
CVE-2006-1549
RESERVED
+end claimed by jmm
CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...)
NOT-FOR-US: BEA WebLogic
CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)
More information about the Secure-testing-commits
mailing list