[Secure-testing-commits] r4603 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sun Aug 20 08:56:42 UTC 2006
Author: stef-guest
Date: 2006-08-20 08:56:39 +0000 (Sun, 20 Aug 2006)
New Revision: 4603
Modified:
data/CVE/list
Log:
- rails CVEified
- new lesstif issue (low)
- some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-19 11:14:40 UTC (rev 4602)
+++ data/CVE/list 2006-08-20 08:56:39 UTC (rev 4603)
@@ -105,65 +105,65 @@
CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 ...)
NOT-FOR-US: Virtual War (VWar)
CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor 5.3.2.609 ...)
- TODO: check
+ NOT-FOR-US: IPCheck Server Monitor
CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a denial of ...)
NOT-FOR-US: Solaris
CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows attackers to ...)
NOT-FOR-US: IBM WebSphere
CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
NOT-FOR-US: IBM WebSphere
CVE-2006-4135 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Calendarix
CVE-2006-4134 (Unspecified vulnerability related to a "design flaw" in SAP Internet ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-4133 (Buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and ...)
- TODO: check
+ NOT-FOR-US: ArcSoft MMS Composer
CVE-2006-4131 (Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and ...)
- TODO: check
+ NOT-FOR-US: ArcSoft MMS Composer
CVE-2006-4130 (PHP remote file inclusion vulnerability in admin.remository.php in the ...)
- TODO: check
+ NOT-FOR-US: Remository Component (com_remository) for Mambo and Joomla!
CVE-2006-4129 (PHP remote file inclusion vulnerability in admin.webring.docs.php in ...)
- TODO: check
+ NOT-FOR-US: Webring Component (com_webring) for Joomla!
CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec ...)
NOT-FOR-US: Symantec VERITAS
CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4125 (Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4124 (The libXm library in LessTif 0.95.0 and earlier allows local users to ...)
- TODO: check
+ - lesstif2 <unfixed> (bug #382411; low)
CVE-2006-4123 (PHP remote file inclusion vulnerability in boitenews4/index.php in ...)
- TODO: check
+ NOT-FOR-US: Boite de News
CVE-2006-4122 (Simple one-file guestbook 1.0 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Simple one-file guestbook
CVE-2006-4121 (PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce ...)
- TODO: check
+ NOT-FOR-US: See-Commerce
CVE-2006-4120 (Cross-site scripting (XSS) vulnerability in the Recipe module ...)
- TODO: check
+ NOT-FOR-US: Recipe module (recipe.module) for Drupal
CVE-2006-4119 (SQL injection vulnerability in gc.php in GeheimChaos 0.5 and earlier ...)
- TODO: check
+ NOT-FOR-US: GeheimChaos
CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier ...)
- TODO: check
+ NOT-FOR-US: GeheimChaos
CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when run on ...)
NOT-FOR-US: Solaris
CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow ...)
- TODO: check
+ NOT-FOR-US: Lhaz
CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in PgMarket ...)
- TODO: check
+ NOT-FOR-US: PgMarket
CVE-2006-4114 (SQL injection vulnerability in view_com.php in Nicolas Grandjean ...)
- TODO: check
+ NOT-FOR-US: PHPMyRing
CVE-2006-4113 (PHP remote file inclusion vulnerability in genpage-cgi.php in Brian ...)
- TODO: check
+ NOT-FOR-US: hitweb
CVE-2006-4112 (Unspecified vulnerability in the "dependency resolution mechanism" in ...)
- TODO: check
+ - rails 1.1.6-1 (bug #382255; medium)
CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby ...)
- TODO: check
+ - rails 1.1.5-1 (bug #382255; medium)
CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers to read ...)
NOT-FOR-US: Apache on Windows only
CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...)
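Review bot: CVE-2006-4112 and CVE-2006-4111 both cite bug #382255 but carry different fixed versions (1.1.6-1 and 1.1.5-1), and nothing in the entries says how the two relate. The visible description of CVE-2006-4111 says "before 1.1.5" and the one for CVE-2006-4112 is truncated, so a NOTE: line under each stating which upload closed which issue would keep a reader from assuming 1.1.5-1 covers both. As a smaller style point, the new NOT-FOR-US tags mix vendor-level names ("Microsoft", "SAP") with product-level ones ("ArcSoft MMS Composer", "DConnect Daemon (dcd)"). Naming the product for CVE-2006-4138, CVE-2006-4134 and CVE-2006-4133 would make later searches of the list more reliable.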
@@ -177,7 +177,7 @@
CVE-2006-4105 (Cross-site scripting (XSS) vulnerability in Fill Threads Database ...)
TODO: check
CVE-2006-4104 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
- TODO: check
+ NOT-FOR-US: mojoGallery
CVE-2006-4103 (PHP remote file inclusion vulnerability in article-raw.php in Jason ...)
TODO: check
CVE-2006-4102 (PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme ...)
@@ -256,8 +256,6 @@
- gnutls11 <unfixed> (medium)
- gnutls12 1.2.11-3 (medium)
- gnutls13 1.4.2-1 (medium)
-CVE-2006-XXXX [unspecified vulnerability in ruby on rails]
- - rails 1.1.6-1 (bug #382255; medium)
CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect function in ...)
NOT-FOR-US: Microsoft
CVE-2006-4070 (Format string vulnerability in Imendio Planner 0.13 allows ...)
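Review bot: The removed CVE-2006-XXXX placeholder leaves no trace of which assigned ID replaced it, and the log line "rails CVEified" does not name one. Its tracking line, "- rails 1.1.6-1 (bug #382255; medium)", matches exactly what the first hunk adds under CVE-2006-4112, so naming CVE-2006-4112 (and CVE-2006-4111, which reuses the same bug number) in the commit log would let someone following the temporary entry find its successor without diffing revisions.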