[Secure-testing-commits] r3413 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Feb 3 09:14:24 UTC 2006
Author: joeyh
Date: 2006-02-03 09:14:17 +0000 (Fri, 03 Feb 2006)
New Revision: 3413
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-02 09:14:17 UTC (rev 3412)
+++ data/CVE/list 2006-02-03 09:14:17 UTC (rev 3413)
@@ -1,3 +1,73 @@
+CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...)
+ TODO: check
+CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...)
+ TODO: check
+CVE-2006-0528 (GNOME Evolution allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2006-0527 (Unspecified vulnerability in Berkeley Internet Name Domain (BIND) on ...)
+ TODO: check
+CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...)
+ TODO: check
+CVE-2006-0525 (Multiple unspecified Adobe products install a large number of .EXE and ...)
+ TODO: check
+CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek ...)
+ TODO: check
+CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows ...)
+ TODO: check
+CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...)
+ TODO: check
+CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...)
+ TODO: check
+CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 ...)
+ TODO: check
+CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows ...)
+ TODO: check
+CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...)
+ TODO: check
+CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
+ TODO: check
+CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...)
+ TODO: check
+CVE-2006-0515
+ RESERVED
+CVE-2006-0514
+ RESERVED
+CVE-2006-0513
+ RESERVED
+CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which ...)
+ TODO: check
+CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not ...)
+ TODO: check
+CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 ...)
+ TODO: check
+CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in clients.php in ...)
+ TODO: check
+CVE-2006-0508 (Easy CMS stores the images directory under the web document root with ...)
+ TODO: check
+CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow ...)
+ TODO: check
+CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN ...)
+ TODO: check
+CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to ...)
+ TODO: check
+CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...)
+ TODO: check
+CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows ...)
+ TODO: check
+CVE-2006-0502 (PHP remote file inclusion vulnerability in loginout.php in FarsiNews ...)
+ TODO: check
+CVE-2006-0501 (Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows ...)
+ TODO: check
+CVE-2006-0500 (MyCO Guestbook 1.0 admin directory under the web document root with ...)
+ TODO: check
+CVE-2006-0499 (Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 ...)
+ TODO: check
+CVE-2005-4709 (The popSubjectContext method in the SecurityAssociation class in JBoss ...)
+ TODO: check
+CVE-2005-4708 (Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute ...)
+ TODO: check
+CVE-2003-1292 (PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 ...)
+ TODO: check
CVE-2006-0498 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
TODO: check
CVE-2006-0497 (Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow ...)
@@ -215,8 +285,8 @@
NOT-FOR-US: RT Internet Solutions (RTIS) WebAdmin
CVE-2005-4668 (The embedded HSQLDB in ParosProxy before 3.2.7, when running with JDK ...)
NOT-FOR-US: ParoxProxy
-CVE-2006-0433
- RESERVED
+CVE-2006-0433 (Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not ...)
+ TODO: check
CVE-2006-0432 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
NOT-FOR-US: BEA WebLogic
CVE-2006-0431 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
@@ -498,7 +568,7 @@
NOT-FOR-US: Joomla!
CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...)
NOT-FOR-US: ZyXel hardware
-CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf allows attackers to ...)
+CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...)
- poppler <unfixed>
- tetex-bin 3.0-12
- kdegraphics <unfixed>
@@ -509,22 +579,22 @@
- pdfkit.framework <unfixed>
CVE-2006-0300
RESERVED
-CVE-2006-0299
- RESERVED
-CVE-2006-0298
- RESERVED
-CVE-2006-0297
- RESERVED
-CVE-2006-0296
- RESERVED
-CVE-2006-0295
- RESERVED
-CVE-2006-0294
- RESERVED
-CVE-2006-0293
- RESERVED
-CVE-2006-0292
- RESERVED
+CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...)
+ TODO: check
+CVE-2006-0298 (The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...)
+ TODO: check
+CVE-2006-0297 (Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...)
+ TODO: check
+CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, ...)
+ TODO: check
+CVE-2006-0295 (Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...)
+ TODO: check
+CVE-2006-0294 (Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...)
+ TODO: check
+CVE-2006-0293 (The function allocation code (js_NewFunction in jsfun.c) in Firefox ...)
+ TODO: check
+CVE-2006-0292 (The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ...)
+ TODO: check
CVE-2006-0291 (Multiple unspecified vulnerabilities in Oracle Database Server ...)
NOT-FOR-US: Oracle
CVE-2006-0290 (Unspecified vulnerability in Oracle Database Server 9.2.0.7, ...)
@@ -1302,9 +1372,9 @@
CVE-2005-4563 (SQL injection vulnerability in main.php in Enterprise Heart Enterprise ...)
NOT-FOR-US: Enterprise Heart Enterprise Connector
CVE-2005-4562
- RESERVED
+ REJECTED
CVE-2005-4561
- RESERVED
+ REJECTED
CVE-2005-4560 (The Windows Graphical Device Interface library (GDI32.DLL) in ...)
{CVE-2006-0106}
NOT-FOR-US: Microsoft
@@ -1354,8 +1424,7 @@
RESERVED
CVE-2005-4537
RESERVED
-CVE-2005-4536 [libmail-audit-perl: insecure /tmp handling]
- RESERVED
+CVE-2005-4536 (Mail::Audit module in libmail-audit-perl 2.1-5, when logging is ...)
{DSA-960-2 DSA-960-1}
- libmail-audit-perl 2.1-5.1 (bug #344029; medium)
CVE-2005-4535
@@ -2544,7 +2613,8 @@
CVE-2005-3995 (Format string vulnerability in the dosyslog function in the OBEX ...)
NOT-FOR-US: Sobexsrv
NOTE: Checked obexserver source package, not vulnerable
-CVE-2005-3994 (Cross-site scripting (XSS) vulnerability in Atlassian Confluence 2.0.1 ...)
+CVE-2005-3994
+ REJECTED
NOT-FOR-US: Atlassian Confluence
CVE-2005-3993 (Multiple unspecified vulnerabilities in MailEnable Professional 1.6 ...)
NOT-FOR-US: MailEnable
More information about the Secure-testing-commits
mailing list