[Secure-testing-commits] r4533 - data/CVE
Joey Hess
joeyh at costa.debian.org
Wed Aug 9 09:15:02 UTC 2006
Author: joeyh
Date: 2006-08-09 09:14:59 +0000 (Wed, 09 Aug 2006)
New Revision: 4533
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-08 21:14:31 UTC (rev 4532)
+++ data/CVE/list 2006-08-09 09:14:59 UTC (rev 4533)
@@ -1,4 +1,20 @@
-CVE-2006-4018 [clamav code execution through upx compressed files]
+CVE-2006-4026 (PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows ...)
+ TODO: check
+CVE-2006-4025 (SQL injection vulnerability in profile.php in XennoBB 2.1.0 and ...)
+ TODO: check
+CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through ...)
+ TODO: check
+CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly validate ...)
+ TODO: check
+CVE-2006-4022 (Intel 2100 PRO/Wireless Network Connection driver PROSet before ...)
+ TODO: check
+CVE-2006-4021
+ RESERVED
+CVE-2006-4020 (scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows ...)
+ TODO: check
+CVE-2006-4019
+ RESERVED
+CVE-2006-4018 (Heap-based buffer overflow in the pefromupx function in Clam AntiVirus ...)
- clamav 0.88.4-1 (high; bug #382004; bug #382007)
CVE-2006-4017 (Cross-site scripting (XSS) vulnerability in the search module in Inter ...)
TODO: check
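Review bot: CVE-2006-4023 (ip2long) and CVE-2006-4020 (scanf.c) both name PHP 5.1.4 and earlier but land with only "TODO: check", the same marker given to SAPID CMS and XennoBB. PHP is packaged in Debian, so these two should be triaged first and given package lines with a severity and bug number, in the same form as the clamav line kept under CVE-2006-4018.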
@@ -321,26 +337,26 @@
RESERVED
CVE-2006-3863
RESERVED
-CVE-2006-3862
- RESERVED
-CVE-2006-3861
- RESERVED
+CVE-2006-3862 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through ...)
+ TODO: check
+CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
+ TODO: check
CVE-2006-3860
RESERVED
CVE-2006-3859
RESERVED
-CVE-2006-3858
- RESERVED
-CVE-2006-3857
- RESERVED
-CVE-2006-3856
- RESERVED
-CVE-2006-3855
- RESERVED
+CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before ...)
+ TODO: check
+CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...)
+ TODO: check
+CVE-2006-3856 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
+ TODO: check
+CVE-2006-3855 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) allows ...)
+ TODO: check
CVE-2006-3854
RESERVED
-CVE-2006-3853
- RESERVED
+CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 ...)
+ TODO: check
CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro ...)
NOT-FOR-US: Micro GuestBook
CVE-2006-3851 (SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and ...)
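Review bot: The seven IBM Informix Dynamic Server entries in this hunk (CVE-2006-3862, -3861, -3858, -3857, -3856, -3855, -3853) each go from RESERVED to a separate "TODO: check", although they describe one product. Settle them in a single pass; if Informix is not in the archive, tag each one NOT-FOR-US in the form the context line under CVE-2006-3852 uses.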
@@ -860,10 +876,10 @@
RESERVED
CVE-2006-3650
RESERVED
-CVE-2006-3649
- RESERVED
-CVE-2006-3648
- RESERVED
+CVE-2006-3649 (Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK ...)
+ TODO: check
+CVE-2006-3648 (Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and ...)
+ TODO: check
CVE-2006-3647
RESERVED
CVE-2006-3646
@@ -872,20 +888,20 @@
RESERVED
CVE-2006-3644
RESERVED
-CVE-2006-3643
- RESERVED
+CVE-2006-3643 (Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and ...)
+ TODO: check
CVE-2006-3642
RESERVED
CVE-2006-3641
RESERVED
-CVE-2006-3640
- RESERVED
-CVE-2006-3639
- RESERVED
-CVE-2006-3638
- RESERVED
-CVE-2006-3637
- RESERVED
+CVE-2006-3640 (Microsoft Internet Explorer 5.01 and 6 allows certain script to ...)
+ TODO: check
+CVE-2006-3639 (Microsoft Internet Explorer 5.01 and 6 does not properly identify the ...)
+ TODO: check
+CVE-2006-3638 (Microsoft Internet Explorer 5.01 and 6 does not properly handle ...)
+ TODO: check
+CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
+ TODO: check
CVE-2006-3636
RESERVED
CVE-2006-3635
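Review bot: The five Internet Explorer entries added here (CVE-2006-3643, -3640, -3639, -3638, -3637) are left as "TODO: check" even though the same file already carries "NOT-FOR-US: Microsoft Internet Explorer" for CVE-2006-3281 and CVE-2006-3280. Reusing that exact string keeps the tags consistent and clears these from the TODO queue.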
@@ -996,7 +1012,7 @@
- linux-2.6 2.6.17-4 (high)
CVE-2006-XXXX [insufficient form variable escaping]
- webauth 3.5.2-1
-CVE-2006-3590 (Unspecified vulnerability in mso.dll, as used by Microsoft PowerPoint ...)
+CVE-2006-3590 (mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows ...)
NOT-FOR-US: Microsoft PowerPoint
CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure ...)
NOT-FOR-US: VMware
@@ -1004,14 +1020,14 @@
NOT-FOR-US: Macromedia Flash Player 8
CVE-2006-3587 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
NOT-FOR-US: Macromedia Flash Player 8
-CVE-2006-3586
- RESERVED
-CVE-2006-3585
- RESERVED
-CVE-2006-3584
- RESERVED
-CVE-2006-3583
- RESERVED
+CVE-2006-3586 (SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote ...)
+ TODO: check
+CVE-2006-3585 (Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 ...)
+ TODO: check
+CVE-2006-3584 (Dynamic variable evaluation vulnerability in index.php in Jetbox CMS ...)
+ TODO: check
+CVE-2006-3583 (Sessiln fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers ...)
+ TODO: check
CVE-2006-3582 (Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and ...)
- adplug 2.0.1-1 (bug #378279; medium)
CVE-2006-3581 (Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and ...)
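Review bot: The added description for CVE-2006-3583 reads "Sessiln fixation", which looks like a typo for "Session" carried in from the description source. The log message says this is an automatic update, so a hand edit here would likely be overwritten by the next run; fix it at the source, or expect anyone searching the list for "session fixation" to miss this entry.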
@@ -1251,10 +1267,10 @@
CVE-2006-3465 (Unspecified vulnerability in the custom tag support for the TIFF ...)
{DSA-1137-1}
- tiff 3.8.2-6
-CVE-2006-3464 (Multiple unspecified vulnerabilities in the TIFF library (libtiff) ...)
+CVE-2006-3464 (TIFF library (libtiff) before 3.8.2 allows context-dependent attackers ...)
{DSA-1137-1}
- tiff 3.8.2-6
-CVE-2006-3463 (The TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short ...)
+CVE-2006-3463 (The EstimateStripByteCounts function in TIFF library (libtiff) before ...)
{DSA-1137-1}
- tiff 3.8.2-6
CVE-2006-3462 (Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library ...)
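Review bot: The descriptions for CVE-2006-3464 and CVE-2006-3463 become more specific (the latter now names the EstimateStripByteCounts function), while the tracking lines under them still say only "{DSA-1137-1}" and "- tiff 3.8.2-6". Confirm that the 3.8.2-6 upload covers the issues as now described, and add a NOTE line if the earlier triage was done against the vaguer "unspecified" wording.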
@@ -1263,7 +1279,7 @@
CVE-2006-3461 (Heap-based buffer overflow in the PixarLog decoder in the TIFF library ...)
{DSA-1137-1}
- tiff 3.8.2-6
-CVE-2006-3460 (Heap-based buffer overflow in the TIFF library (libtiff) before 3.8.2 ...)
+CVE-2006-3460 (Heap-based buffer overflow in the JPEG decoder in the TIFF library ...)
{DSA-1137-1}
- tiff 3.8.2-6
CVE-2006-3459 (Multiple stack-based buffer overflows in the TIFF library (libtiff) ...)
@@ -1286,12 +1302,12 @@
NOT-FOR-US: Adobe acrobat
CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure ...)
NOT-FOR-US: Adobe acrobat
-CVE-2006-3451
- RESERVED
-CVE-2006-3450
- RESERVED
-CVE-2006-3449
- RESERVED
+CVE-2006-3451 (Microsoft Internet Explorer does not properly handle chained Cascading Style ...)
+ TODO: check
+CVE-2006-3450 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows ...)
+ TODO: check
+CVE-2006-3449 (Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, ...)
+ TODO: check
CVE-2006-3448
RESERVED
CVE-2006-3447
@@ -1300,20 +1316,20 @@
RESERVED
CVE-2006-3445
RESERVED
-CVE-2006-3444
- RESERVED
-CVE-2006-3443
- RESERVED
+CVE-2006-3444 (Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
+ TODO: check
+CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows ...)
+ TODO: check
CVE-2006-3442
RESERVED
-CVE-2006-3441
- RESERVED
-CVE-2006-3440
- RESERVED
-CVE-2006-3439
- RESERVED
-CVE-2006-3438
- RESERVED
+CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 ...)
+ TODO: check
+CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP ...)
+ TODO: check
+CVE-2006-3439 (Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, ...)
+ TODO: check
+CVE-2006-3438 (Unspecified vulnerability in Microsoft Hyperlink Object Library ...)
+ TODO: check
CVE-2006-3437
RESERVED
CVE-2006-3436
@@ -1649,7 +1665,7 @@
NOT-FOR-US: Dating Agent PRO
CVE-2006-3282 (requirements.php in Dating Agent PRO 4.7.1 allows remote attackers to ...)
NOT-FOR-US: Dating Agent PRO
-CVE-2006-3281 (Microsoft Internet Explorer 6.0 allows remote user-complicit attackers ...)
+CVE-2006-3281 (Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-3280 (Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows ...)
NOT-FOR-US: Microsoft Internet Explorer
@@ -1993,8 +2009,8 @@
NOT-FOR-US: phpRaid
CVE-2006-3115 (SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly ...)
NOT-FOR-US: phpRaid
-CVE-2006-3114
- RESERVED
+CVE-2006-3114 (PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the ...)
+ TODO: check
CVE-2006-3113 (Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and ...)
NOTE: MFSA-2006-46
- mozilla <not-affected> (mozilla 1.7 not affected)
@@ -2117,7 +2133,7 @@
NOT-FOR-US: 5 Star Review
CVE-2006-3060 (Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote ...)
NOT-FOR-US: P.A.I.D
-CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote ...)
+CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
NOT-FOR-US: Microsoft Excel
CVE-2006-3058
RESERVED
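Review bot: The only change to CVE-2006-3059 is where the description is cut off ("allows remote ..." becomes "allows ..."), so this hunk carries no new information. The truncation width is also uneven elsewhere in the patch (the added lines for CVE-2006-3583 and CVE-2006-3451 run longer than their neighbours); truncating at a fixed width in the update script would avoid no-op diffs like this one.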