[Secure-testing-commits] r4535 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Wed Aug 9 16:23:28 UTC 2006
Author: stef-guest
Date: 2006-08-09 16:23:25 +0000 (Wed, 09 Aug 2006)
New Revision: 4535
Modified:
data/CVE/list
Log:
- CVE-2006-4024: festalon not-affected
- CVE-2006-3990: savant2 is included in egroupware (medium)
- some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-09 15:45:50 UTC (rev 4534)
+++ data/CVE/list 2006-08-09 16:23:25 UTC (rev 4535)
@@ -1,13 +1,13 @@
CVE-2006-4026 (PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows ...)
- TODO: check
+ NOT-FOR-US: SAPID CMS
CVE-2006-4025 (SQL injection vulnerability in profile.php in XennoBB 2.1.0 and ...)
- TODO: check
+ NOT-FOR-US: XennoBB
CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through ...)
- TODO: check
+ - festalon <not-affected> (vuln. code introduced in 0.5.0)
CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly validate ...)
TODO: check
CVE-2006-4022 (Intel 2100 PRO/Wireless Network Connection driver PROSet before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2006-4021
RESERVED
CVE-2006-4020 (scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows ...)
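Review bot: The festalon entry for CVE-2006-4024 justifies `<not-affected>` with "(vuln. code introduced in 0.5.0)" but does not record which festalon version the archive ships, so the claim cannot be checked from the list alone. Adding the packaged version to the parenthetical would make the reasoning verifiable and make it obvious that the entry needs a re-check once a 0.5.x upload happens.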
@@ -19,7 +19,7 @@
CVE-2006-4017 (Cross-site scripting (XSS) vulnerability in the search module in Inter ...)
TODO: check
CVE-2006-4016 (Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS ...)
- TODO: check
+ NOT-FOR-US: toendaCMS
CVE-2006-4015 (Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with ...)
NOT-FOR-US: Hewlett-Packard
CVE-2006-4014 (Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control ...)
@@ -27,7 +27,7 @@
CVE-2006-4013 (Multiple directory traversal vulnerabilities in Symantec Brightmail ...)
NOT-FOR-US: Symantec
CVE-2006-4012 (Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb ...)
- TODO: check
+ NOT-FOR-US: circeOS SaveWeb
CVE-2006-4011 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2006-4010 (SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and ...)
@@ -55,23 +55,23 @@
CVE-2006-3999 (ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier ...)
NOT-FOR-US: ISS BlackICE
CVE-2006-3998 (PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka ...)
- TODO: check
+ NOT-FOR-US: WoWRoster
CVE-2006-3997 (PHP remote file inclusion vulnerability in hsList.php in WoWRoster ...)
- TODO: check
+ NOT-FOR-US: WoWRoster
CVE-2006-3996 (SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2006-3995 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo
CVE-2006-3994 (SQL injection vulnerability in the u2u_send_recp function in ...)
- TODO: check
+ NOT-FOR-US: XMB (aka extreme message board)
CVE-2006-3993 (PHP remote file inclusion vulnerability in copyright.php in Olaf ...)
- TODO: check
+ NOT-FOR-US: The Search Engine Project
CVE-2006-3992 (Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2006-3991 (PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh ...)
- TODO: check
+ NOT-FOR-US: Voodoo chat
CVE-2006-3990 (Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones ...)
- TODO: check
+ - egroupware <unfixed> (bug filed; medium)
CVE-2006-3989 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
NOT-FOR-US: Knusperleicht
CVE-2006-3988 (PHP remote file inclusion vulnerability in index.php in Knusperleicht ...)
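Review bot: On CVE-2006-3990, `- egroupware <unfixed> (bug filed; medium)` says a bug was filed but gives no bug number, and nothing in the entry says that the affected code is the Savant2 copy shipped inside egroupware; that link appears only in the commit log. Recording the bug reference and a short mention of the embedded Savant2 copy in the entry itself would let a later reader trace and close it without digging through the commit history.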
@@ -109,7 +109,7 @@
CVE-2006-3972 (Directory traversal vulnerability in ...)
NOT-FOR-US: Ajax Chat
CVE-2006-3971 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Ajax Chat
CVE-2006-XXXX [unspecified security issues in steam]
- steam 2.2.16-1
CVE-2006-XXXX [Buffer overflow in XML::Parser::Expat triggered by utf8]
@@ -338,25 +338,25 @@
CVE-2006-3863
RESERVED
CVE-2006-3862 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3860
RESERVED
CVE-2006-3859
RESERVED
CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3856 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3855 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) allows ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3854
RESERVED
CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro ...)
NOT-FOR-US: Micro GuestBook
CVE-2006-3851 (SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and ...)
@@ -621,17 +621,17 @@
CVE-2006-3763 (SQL injection vulnerability in category.php in Diesel Joke Site allows ...)
TODO: check
CVE-2006-3762 (The Touch Control ActiveX control 2.0.0.55 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Touch Control ActiveX control
CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/function_post.php in ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-3760 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-3759 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-3758 (inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-3757 (index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2006-3756 (Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and ...)
TODO: check
CVE-2006-3755 (PHP remote file inclusion vulnerability in ...)