[Secure-testing-commits] r4602 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sat Aug 19 11:14:41 UTC 2006
Author: stef-guest
Date: 2006-08-19 11:14:40 +0000 (Sat, 19 Aug 2006)
New Revision: 4602
Modified:
data/CVE/list
Log:
alsaplayer CVEified; some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-19 11:05:15 UTC (rev 4601)
+++ data/CVE/list 2006-08-19 11:14:40 UTC (rev 4602)
@@ -101,19 +101,19 @@
CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers to ...)
NOT-FOR-US: Netgear
CVE-2006-4142 (SQL injection vulnerability in extra/online.php in Virtual War (VWar) ...)
- TODO: check
+ NOT-FOR-US: Virtual War (VWar)
CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 ...)
- TODO: check
+ NOT-FOR-US: Virtual War (VWar)
CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor 5.3.2.609 ...)
TODO: check
CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File ...)
TODO: check
CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere
CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere
CVE-2006-4135 (** DISPUTED ** ...)
TODO: check
CVE-2006-4134 (Unspecified vulnerability related to a "design flaw" in SAP Internet ...)
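Review bot: CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File ...) is left at TODO: check in this hunk, although it sits between the Solaris and IBM WebSphere entries that this pass marks NOT-FOR-US. If it was skipped by accident, tag it in the same commit; if it was left open on purpose, a short NOTE on the entry would keep the next person from re-triaging it.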
@@ -129,7 +129,7 @@
CVE-2006-4129 (PHP remote file inclusion vulnerability in admin.webring.docs.php in ...)
TODO: check
CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec ...)
- TODO: check
+ NOT-FOR-US: Symantec VERITAS
CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and ...)
TODO: check
CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier ...)
@@ -151,7 +151,7 @@
CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier ...)
TODO: check
CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when run on ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow ...)
TODO: check
CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in PgMarket ...)
@@ -165,7 +165,7 @@
CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby ...)
TODO: check
CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers to read ...)
- TODO: check
+ NOT-FOR-US: Apache on Windows only
CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...)
TODO: check
CVE-2006-4108 (SQL injection vulnerability in Bibliography (biblio.module) 4.6 before ...)
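Review bot: the new tag on CVE-2006-4110, "NOT-FOR-US: Apache on Windows only", uses NOT-FOR-US for a platform restriction, while every other NOT-FOR-US line in this patch names a product as a whole (Netgear, Solaris, IBM WebSphere). Consider recording it as a package entry in the same "- package status (note)" form as the gnutls lines, with <not-affected> and the Windows-only reason, so the CVE stays associated with the Apache package and a later non-Windows variant of the issue is not hidden behind the tag.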
@@ -207,7 +207,7 @@
CVE-2006-4090 (Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 ...)
TODO: check
CVE-2006-4089 (Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and ...)
- TODO: check
+ - alsaplayer <unfixed> (medium; bug #382842)
CVE-2006-4088 (Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace ...)
TODO: check
CVE-2006-4087 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
@@ -256,8 +256,6 @@
- gnutls11 <unfixed> (medium)
- gnutls12 1.2.11-3 (medium)
- gnutls13 1.4.2-1 (medium)
-CVE-2006-XXXX [AlsaPlayer Multiple Buffer Overflow Vulnerabilities]
- - alsaplayer <unfixed> (medium; bug #382842)
CVE-2006-XXXX [unspecified vulnerability in ruby on rails]
- rails 1.1.6-1 (bug #382255; medium)
CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect function in ...)
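Review bot: the rails placeholder kept as context here, "CVE-2006-XXXX [unspecified vulnerability in ruby on rails]", remains while CVE-2006-4111 (Ruby on Rails before 1.1.5 ...) is still at TODO: check earlier in this patch. Since this commit folds the alsaplayer placeholder into CVE-2006-4089, check whether the rails placeholder can be resolved the same way. The placeholder records a fix in 1.1.6-1 while the CVE text says "before 1.1.5", so they may be separate issues, in which case CVE-2006-4111 needs its own rails entry.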
@@ -702,9 +700,9 @@
CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3860 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3859 (IBM Informix Dynamic Server (IDS) allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before ...)
NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...)
@@ -714,7 +712,7 @@
CVE-2006-3855 (The ifx_load_internal function in IBM Informix Dynamic Server (IDS) ...)
NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3854 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 ...)
NOT-FOR-US: IBM Informix Dynamic Server
CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro ...)