[Secure-testing-commits] r3899 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sun Apr 30 19:47:48 UTC 2006
Author: stef-guest
Date: 2006-04-30 19:47:36 +0000 (Sun, 30 Apr 2006)
New Revision: 3899
Modified:
data/CVE/list
Log:
gcc issue
amaya issue
new phpbb2 issues
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-30 19:06:01 UTC (rev 3898)
+++ data/CVE/list 2006-04-30 19:47:36 UTC (rev 3899)
@@ -261,38 +261,36 @@
NOT-FOR-US: AnimeGenesis Gallery
CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila ...)
NOT-FOR-US: UserLand Manila
-begin claimed by stef-guest
CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 ...)
- TODO: check
+ - gcc-4.1 (bug #356896; low)
CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Mozilla Camino
CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya ...)
- TODO: check
+ - amaya <unfixed> (bug #362575; medium)
CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog ...)
- TODO: check
+ NOT-FOR-US: Neuron Blog
CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper ...)
- TODO: check
+ NOT-FOR-US: Tiny PHP Forum
CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script ...)
- TODO: check
+ NOT-FOR-US: Webplus (aka talentsoft) Web+Shop
CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated users ...)
- TODO: check
+ - phpbb2 <unfixed> (bug filed; medium)
CVE-2006-1895 (Direct static code injection vulnerability in includes/template.php in ...)
- TODO: check
+ - phpbb2 <unfixed> (bug filed; medium)
CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived ...)
- TODO: check
+ NOT-FOR-US: RevoBoard / PunBB
CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 ...)
- TODO: check
+ NOT-FOR-US: ar-blog
CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify ...)
- TODO: check
+ NOT-FOR-US: avast! 4 Linux Home Edition
CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard ...)
- TODO: check
+ NOT-FOR-US: betaboard
CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland ...)
- TODO: check
+ NOT-FOR-US: myWebland
CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action handler ...)
- TODO: check
+ NOT-FOR-US: Boardsolution
CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass ...)
- TODO: check
-end claimed by stef-guest
+ NOT-FOR-US: phpGraphy
CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
@@ -1877,7 +1875,7 @@
CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and ...)
NOT-FOR-US: HP-UX
CVE-2006-1247 (rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-2006-1246 (Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 ...)
NOT-FOR-US: AIX
CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer ...)
@@ -2987,7 +2985,7 @@
CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in ...)
TODO: check
CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers (SSB) ...)
- TODO: check
+ NOT-FOR-US: supersmashbrothers
CVE-2006-0749 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...)
{DSA-1046-1 DSA-1044-1}
- firefox <unfixed> (low)
@@ -3716,7 +3714,7 @@
CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...)
- migrationtools 46-2.1 (bug #338920; medium)
CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in AudienceView ...)
- TODO: check
+ NOT-FOR-US: AudienceView
CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 ...)
TODO: check
CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, ...)
@@ -3904,7 +3902,7 @@
{DSA-989-1}
- zoph 0.5-1 (bug #350717)
CVE-2006-0401 (Unspecified vulnerability in Mac OS X before 10.4.6, when running on ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-0400 (CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers ...)
NOT-FOR-US: Apple
CVE-2006-0399 (Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes ...)
@@ -7570,9 +7568,9 @@
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was introduced later)
NOTE: http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
CVE-2005-3526 (Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite ...)
- TODO: check
+ NOT-FOR-US: Ipswitch Collaboration Suite
CVE-2005-3525 (Stack-based buffer overflow in an ActiveX control for the installer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine ...)
NOT-FOR-US: ManageEngine NetflowAnalyzer
CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617 through ...)
@@ -8694,7 +8692,7 @@
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows user-complicit ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option ...)
NOT-FOR-US: Solaris
CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and ...)
More information about the Secure-testing-commits
mailing list