[Secure-testing-commits] r3831 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Wed Apr 19 17:57:49 UTC 2006
Author: stef-guest
Date: 2006-04-19 17:57:42 +0000 (Wed, 19 Apr 2006)
New Revision: 3831
Modified:
data/CVE/list
Log:
some more NFUs; bugnum
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-19 17:26:00 UTC (rev 3830)
+++ data/CVE/list 2006-04-19 17:57:42 UTC (rev 3831)
@@ -619,7 +619,7 @@
CVE-2006-1591 (Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe ...)
NOT-FOR-US: Microsoft Windows Help
CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage ...)
- - acidbase <unfixed> (bug filed)
+ - acidbase <unfixed> (bug #363548)
- acidlab <unfixed> (bug filed)
CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local ...)
NOT-FOR-US: NetBSD kernel
@@ -712,7 +712,7 @@
CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to ...)
NOT-FOR-US: Apple
CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX ...)
- TODO: check
+ NOT-FOR-US: PAJAX
CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...)
- php4 <unfixed> (bug #361854)
- php5 <unfixed> (bug #361917)
@@ -1022,9 +1022,9 @@
CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
NOT-FOR-US: aphpkb
CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: UPOINT
CVE-2006-1436 (Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event ...)
- TODO: check
+ NOT-FOR-US: UPOINT
CVE-2006-1435 (Cross-site scripting (XSS) vulnerability in genmessage.php in ...)
NOT-FOR-US: Accounting Receiving and Inventory Administration (ARIA), different from debian aria
CVE-2006-1434 (Cross-site scripting (XSS) vulnerability in inscription.php in ...)
@@ -2342,6 +2342,7 @@
- mantis <unfixed>
CVE-2006-0839 (The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly ...)
TODO: check
+ NOTE: frag3 is only in 2.4, currently there is 2.3.3 in sid
CVE-2006-0838 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext ...)
NOT-FOR-US: Tivoli
CVE-2006-0837 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable ...)
@@ -2349,35 +2350,35 @@
CVE-2006-0836 (Mozilla Thunderbird 1.5 allows user-complicit attackers to cause an ...)
- mozilla-thunderbird <unfixed>
CVE-2006-0835 (SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar ...)
- TODO: check
+ NOT-FOR-US: MitriDAT Web Calendar
CVE-2006-0834 (Uniden UIP1868P VoIP Telephone and Router has a default password of ...)
- TODO: check
+ NOT-FOR-US: Uniden UIP1868P VoIP Telephone
CVE-2006-0833 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda ...)
- TODO: check
+ NOT-FOR-US: Barracuda Directory
CVE-2006-0832 (Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow ...)
- TODO: check
+ NOT-FOR-US: WPC.easy
CVE-2006-0831 (PHP remote file include vulnerability in index.php in Tasarim Rehberi ...)
- TODO: check
+ NOT-FOR-US: Tasarim Rehberi
CVE-2006-0830 (The scripting engine in Internet Explorer allows remote attackers to ...)
NOT-FOR-US: Microsoft
CVE-2006-0829 (Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows ...)
- TODO: check
+ NOT-FOR-US: E-Blah Platinum
CVE-2006-0828 (Unspecified vulnerability in ESS/ Network Controller and MicroServer ...)
- TODO: check
+ NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
CVE-2006-0827 (Cross-site scripting vulnerability in ESS/ Network Controller and ...)
- TODO: check
+ NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
CVE-2006-0826 (Unspecified vulnerability in ESS/ Network Controller and MicroServer ...)
- TODO: check
+ NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
CVE-2006-0825 (Multiple unspecified vulnerabilities in ESS/ Network Controller and ...)
- TODO: check
+ NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
CVE-2006-0824 (Multiple unspecified vulnerabilities in lib-common.php in Geeklog ...)
- TODO: check
+ NOT-FOR-US: Geeklog
CVE-2006-0823 (Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before ...)
- TODO: check
+ NOT-FOR-US: Geeklog
CVE-2006-0822 (Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 ...)
- TODO: check
+ NOT-FOR-US: EmuLinker Kaillera Server
CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows remote ...)
- TODO: check
+ NOT-FOR-US: BXCP
CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 ...)
TODO: check
CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source ...)
More information about the Secure-testing-commits
mailing list