[Secure-testing-commits] r3750 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Tue Apr 4 17:57:13 UTC 2006
Author: stef-guest
Date: 2006-04-04 17:57:07 +0000 (Tue, 04 Apr 2006)
New Revision: 3750
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-04 16:30:26 UTC (rev 3749)
+++ data/CVE/list 2006-04-04 17:57:07 UTC (rev 3750)
@@ -367,84 +367,82 @@
RESERVED
CVE-2006-1433
RESERVED
-
-begin claimed by stef-guest
-
CVE-2006-1432 (fusionZONE couponZONE 4.2 allows remote attackers to obtain the full ...)
- TODO: check
+ NOT-FOR-US: fusionZONE couponZONE
CVE-2006-1431 (Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE ...)
- TODO: check
+ NOT-FOR-US: fusionZONE couponZONE
CVE-2006-1430 (Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS ...)
- TODO: check
+ NOT-FOR-US: CONTROLzx HMS
CVE-2006-1429 (Cross-site scripting (XSS) vulnerability in accountlogon.cfm in ...)
- TODO: check
+ NOT-FOR-US: classifiedZONE
CVE-2006-1428 (Multiple cross-site scripting (XSS) vulnerabilities in phpCOIN 1.2.2 ...)
- TODO: check
+ NOT-FOR-US: phpCOIN
CVE-2006-1427 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP ...)
- TODO: check
+ NOT-FOR-US: WebAPP
CVE-2006-1426 (Multiple SQL injection vulnerabilities in Pixel Motion Blog allow ...)
- TODO: check
+ NOT-FOR-US: Blog Pixel Motion
CVE-2006-1425 (Cross-site scripting (XSS) vulnerability in track.php in phpmyfamily ...)
- TODO: check
+ NOT-FOR-US: phpmyfamily
CVE-2006-1424 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...)
- TODO: check
+ NOT-FOR-US: ConfTool
CVE-2006-1423 (SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 ...)
- TODO: check
+ NOT-FOR-US: UBB.threads
CVE-2006-1422 (SQL injection vulnerability in details_view.php in PHP Booking Calendar ...)
- TODO: check
+ NOT-FOR-US: PHP Booking Calendar
CVE-2006-1421 (Multiple SQL injection vulnerabilities in akocomment.php in AkoComment ...)
- TODO: check
+ NOT-FOR-US: AkoComment
CVE-2006-1420 (SQL injection vulnerability in print.php in SaphpLesson 2.0 allows ...)
- TODO: check
+ NOT-FOR-US: SaphpLesson
CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...)
- TODO: check
+ NOT-FOR-US: nuked-klan
CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris ...)
- TODO: check
+ NOT-FOR-US: Caloris Planitia E-School Management
CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris ...)
- TODO: check
+ NOT-FOR-US: Caloris Planitia Online Quiz System
CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...)
- TODO: check
+ NOT-FOR-US: Absolute FAQ Manager .NET
CVE-2006-1415 (Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB ...)
- TODO: check
+ NOT-FOR-US: dotNetBB
CVE-2006-1414 (Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in ...)
- TODO: check
+ NOT-FOR-US: Toast Forums
CVE-2006-1413 (Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro ...)
- TODO: check
+ NOT-FOR-US: EZHomepagePro
CVE-2006-1412 (TFT Gallery 0.10 stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: TFT Gallery
CVE-2006-1411 (Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE ...)
- TODO: check
+ NOT-FOR-US: Absolute Image Gallery
CVE-2006-1410 (Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute ...)
- TODO: check
+ NOT-FOR-US: XIGLA Absolute Live Support
CVE-2006-1409 (Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Vavoom
+ NOTE: code in prboom and lxdoom looks completely different
CVE-2006-1408 (Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Vavoom
+ NOTE: code in prboom and lxdoom looks completely different
CVE-2006-1407 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...)
- TODO: check
+ NOT-FOR-US: Helm Web Hosting Control Panel
CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...)
- TODO: check
+ NOT-FOR-US: uniForum
CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ...)
- TODO: check
+ NOT-FOR-US: SweetSuite.NET Content Management System
CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...)
- TODO: check
+ NOT-FOR-US: BlankOL
CVE-2006-1403 (Format string vulnerability in the PrintString function in ...)
- TODO: check
-
-end claimed by stef-guest
-
+ NOT-FOR-US: csDoom
+ NOTE: prboom, lxdoom not affected
CVE-2006-1402 (Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: csDoom
+ NOTE: prboom, lxdoom not affected
CVE-2006-1401 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
- TODO: check
+ NOT-FOR-US: Calendar Express
CVE-2006-1400 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Metisware Instructor
CVE-2006-1399 (Cross-site scripting (XSS) vulnerability in searchresult.php in ...)
- TODO: check
+ NOT-FOR-US: Meeting Reserve
CVE-2006-1398 (Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book ...)
- TODO: check
+ NOT-FOR-US: G-Book
CVE-2006-1397 (Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew ...)
- TODO: check
+ NOT-FOR-US: phpAdsNew
CVE-2005-4747 (Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd ...)
TODO: check
CVE-2005-4746 (Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...)
@@ -29696,15 +29694,15 @@
CVE-2000-0693 (pgxconfig in the Raptor GFX configuration tool uses a relative path ...)
TODO: check
CVE-2000-0685 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0684 (BEA WebLogic 5.1.x does not properly restrict access to the ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0683 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0682 (BEA WebLogic 5.1.x allows remote attackers to read source code for ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0681 (Buffer overflow in BEA WebLogic server proxy plugin allows remote ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0679 (The CVS 1.10.8 client trusts pathnames that are provided by the CVS ...)
TODO: check
CVE-2000-0678 (PGP 5.5.x through 6.5.3 does not properly check if an Additional ...)
@@ -29966,9 +29964,9 @@
CVE-2000-0501 (Race condition in MDaemon 2.8.5.0 POP server allows local users to ...)
TODO: check
CVE-2000-0500 (The default configuration of BEA WebLogic 5.1.0 allows a remote ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0499 (The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2000-0498 (Unify eWave ServletExec allows a remote attacker to view source code ...)
TODO: check
CVE-2000-0497 (IBM WebSphere server 3.0.2 allows a remote attacker to view source ...)
@@ -33021,7 +33019,7 @@
CVE-2002-0108 (Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote ...)
TODO: check
CVE-2002-0106 (BEA Systems Weblogic Server 6.1 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2002-0105 (CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating ...)
TODO: check
CVE-2002-0104 (AFTPD 5.4.4 allows remote attackers to gain sensitive information via ...)
More information about the Secure-testing-commits
mailing list