[Secure-testing-commits] r3840 - data/CVE

Fri Apr 21 20:32:00 UTC 2006

Author: stef-guest
Date: 2006-04-21 20:31:52 +0000 (Fri, 21 Apr 2006)
New Revision: 3840

Modified:
   data/CVE/list
Log:
new asterisk issue
some NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-04-21 20:05:44 UTC (rev 3839)
+++ data/CVE/list	2006-04-21 20:31:52 UTC (rev 3840)
@@ -141,27 +141,27 @@
 CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows ...)
 	TODO: check
 CVE-2006-1836 (Untrusted search path vulnerability in unspecified components in ...)
-	TODO: check
+	NOT-FOR-US: Symantec LiveUpdate
 CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix ...)
-	TODO: check
+	NOT-FOR-US: Calendarix
 CVE-2006-1834 (Integer signedness error in Opera before 8.54 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2006-1833 (Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the ...)
-	TODO: check
+	NOT-FOR-US: NetBSD
 CVE-2006-1832 (sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: sysinfo
 CVE-2006-1831 (Direct static code injection vulnerability in sysinfo.cgi in sysinfo ...)
-	TODO: check
+	NOT-FOR-US: sysinfo
 CVE-2006-1830 (Sun Java Studio Enterprise 8, when installed as root, creates certain ...)
-	TODO: check
+	NOT-FOR-US: Sun Java Studio Enterprise
 CVE-2006-1829 (EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: EAServer Manager in Sybase EAServer
 CVE-2006-1828 (SQL injection vulnerability in php121language.php in PHP121 1.4 allows ...)
-	TODO: check
+	NOT-FOR-US: PHP121
 CVE-2006-1827 (Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and ...)
-	TODO: check
+	- asterisk <unfixed> (bug filed; medium)
 CVE-2005-4786 (Buffer overflow in the archive decompression library (vrAZMain.dll ...)
-	TODO: check
+	NOT-FOR-US: HAURI anti-virus
 CVE-2006-1826 (Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery ...)
 	NOT-FOR-US: Snipe Gallery
 CVE-2006-1825 (Cross-site scripting (XSS) vulnerability in index.php in phpLinks ...)


