[Secure-testing-commits] r4337 - data/CVE

Joey Hess joeyh at costa.debian.org
Wed Jul 5 21:14:27 UTC 2006


Author: joeyh
Date: 2006-07-05 21:14:24 +0000 (Wed, 05 Jul 2006)
New Revision: 4337

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-07-05 20:56:55 UTC (rev 4336)
+++ data/CVE/list	2006-07-05 21:14:24 UTC (rev 4337)
@@ -1,3 +1,35 @@
+CVE-2006-3350
+	RESERVED
+CVE-2006-3349 (Multiple SQL injection vulnerabilities in SmS Script allow remote ...)
+	TODO: check
+CVE-2006-3348 (Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 ...)
+	TODO: check
+CVE-2006-3347 (SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP ...)
+	TODO: check
+CVE-2006-3346 (SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows ...)
+	TODO: check
+CVE-2006-3345 (Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and ...)
+	TODO: check
+CVE-2006-3344 (Siemens Speedstream Wireless Router 2624 allows local users to bypass ...)
+	TODO: check
+CVE-2006-3343 (PHP remote file inclusion vulnerability in recipe/cookbook.php in ...)
+	TODO: check
+CVE-2006-3342 (Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 ...)
+	TODO: check
+CVE-2006-3341 (SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp ...)
+	TODO: check
+CVE-2006-3340 (Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo ...)
+	TODO: check
+CVE-2006-3339 (secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows ...)
+	TODO: check
+CVE-2006-3338 (Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 ...)
+	TODO: check
+CVE-2006-3337 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-3336
+	RESERVED
+CVE-2006-3335 (Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, ...)
+	TODO: check
 CVE-2006-3334 (Buffer overflow in the png_decompress_chunk function in pngrutil.c in ...)
 	TODO: check
 CVE-2006-3333 (Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum ...)
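Review bot: CVE-2006-3337 is imported with its summary cut off at "vulnerability in ...", before any product is named, so its TODO: check cannot be resolved from this list alone and needs the full CVE text. Among the other new entries, CVE-2006-3344 (a Siemens Speedstream router) and CVE-2006-3335 (mkdir in HP-UX) describe products outside the Debian archive and are candidates for the NOT-FOR-US: tag this file already uses for entries such as CVE-2006-2911.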
@@ -173,7 +205,7 @@
 	- hashcash 1.21
 CVE-2006-3250 (Heap-based buffer overflow in Windows Live Messenger 8.0 allows ...)
 	TODO: check
-CVE-2006-3249 (SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier ...)
+CVE-2006-3249 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-3248 (SQL injection vulnerability in calendar.php in Codewalkers PHP Event ...)
 	TODO: check
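Review bot: The new CVE-2006-3249 summary, "** DISPUTED ** ...", no longer names the affected software; the removed line identified it as search.php in Phorum 5.1.14 and earlier. Since the entry is still TODO: check, a note line under it recording the Phorum reference would keep it triageable after this truncation.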
@@ -440,7 +472,7 @@
 	RESERVED
 CVE-2006-3118 (spread uses a temporary file with a static filename based on the port ...)
 	TODO: check
-CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and ...)
+CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up ...)
 	{DSA-1104}
 	- openoffice.org 2.0.3-1
 CVE-2006-3116 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 ...)
@@ -824,8 +856,8 @@
 	RESERVED
 CVE-2006-2936
 	RESERVED
-CVE-2006-2935
-	RESERVED
+CVE-2006-2935 (The dvd_read_bca function in the DVD handling code in ...)
+	TODO: check
 CVE-2006-2934 (SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux ...)
 	TODO: check
 CVE-2006-2933
@@ -879,8 +911,8 @@
 	NOT-FOR-US: SelectaPix
 CVE-2006-2911 (SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 ...)
 	NOT-FOR-US: CMS Mundo
-CVE-2006-2910
-	RESERVED
+CVE-2006-2910 (Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other ...)
+	TODO: check
 CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension ...)
 	NOT-FOR-US: PicoZip
 CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard ...)
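Review bot: CVE-2006-2910 gets TODO: check where the entries on either side of it (SelectaPix, CMS Mundo, PicoZip) are tagged NOT-FOR-US. If jetAudio is likewise not packaged, the follow-up should replace the TODO with "NOT-FOR-US: jetAudio" in the same form.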
@@ -2529,10 +2561,10 @@
 CVE-2006-2200 (Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to ...)
 	- libmms 0.2-5 (bug #374577; medium)
 	- mimms 2.0.0-1 (bug #374577; medium)
-CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up ...)
+CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka ...)
 	{DSA-1104}
 	- openoffice.org 2.0.3-1
-CVE-2006-2198 (OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows ...)
+CVE-2006-2198 (OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before ...)
 	{DSA-1104}
 	- openoffice.org 2.0.3-1
 CVE-2006-2197 (Integer overflow in wv2 before 0.2.3 might allow context-dependent ...)
@@ -2544,8 +2576,8 @@
 CVE-2006-2195 (Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before ...)
 	{DSA-1099-1 DSA-1098-1}
 	- horde3 3.1.1-3
-CVE-2006-2194
-	RESERVED
+CVE-2006-2194 (The winbind plugin in pppd for ppp 2.4.4 and earlier does not check ...)
+	TODO: check
 CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...)
 	{DSA-1091-1}
 	- tiff 3.8.2-4 (bug #371064; medium)
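Review bot: CVE-2006-2194 names ppp 2.4.4 and earlier in its summary but carries only TODO: check, with no package line. The neighbouring entries show the target form ("- horde3 3.1.1-3", "- tiff 3.8.2-4 (bug #371064; medium)"); this one needs a "- ppp ..." line with the fixed version or <unfixed> once the winbind plugin in the packaged pppd has been checked.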
@@ -4422,10 +4454,10 @@
 	RESERVED
 CVE-2006-1471 (Format string vulnerability in the CF_syslog function launchd in Apple ...)
 	TODO: check
-CVE-2006-1470 (OpenLDAP Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to ...)
+CVE-2006-1470 (OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers ...)
 	- openldap2 <not-affected> (Vulnerable code not present)
 	- openldap2.2 <unfixed> (medium)
-CVE-2006-1469 (Stack-based buffer overflow ImageIO in Apple Mac OS X 10.4 up to ...)
+CVE-2006-1469 (Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to ...)
 	TODO: check
 CVE-2006-1468 (Unspecified vulnerability in Apple File Protocol (AFP) server in Apple ...)
 	TODO: check



