[Secure-testing-commits] r4387 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Jul 14 21:14:23 UTC 2006
Author: joeyh
Date: 2006-07-14 21:14:20 +0000 (Fri, 14 Jul 2006)
New Revision: 4387
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-07-14 08:16:35 UTC (rev 4386)
+++ data/CVE/list 2006-07-14 21:14:20 UTC (rev 4387)
@@ -1,3 +1,127 @@
+CVE-2006-3590 (Unspecified vulnerability in mso.dll, as used by Microsoft PowerPoint ...)
+ TODO: check
+CVE-2006-3589
+ RESERVED
+CVE-2006-3588 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
+ TODO: check
+CVE-2006-3587 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
+ TODO: check
+CVE-2006-3586
+ RESERVED
+CVE-2006-3585
+ RESERVED
+CVE-2006-3584
+ RESERVED
+CVE-2006-3583
+ RESERVED
+CVE-2006-3582 (Multiple stack-based buffer overflows in AdPlug 2.0 and earlier allow ...)
+ TODO: check
+CVE-2006-3581 (Multiple stack-based buffer overflows in AdPlug 2.0 and earlier allow ...)
+ TODO: check
+CVE-2006-3580 (SQL injection vulnerability in pages.asp in ASP Stats Generator before ...)
+ TODO: check
+CVE-2006-3579 (Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up ...)
+ TODO: check
+CVE-2006-3578 (Directory traversal vulnerability in Fujitsu ServerView 2.50 up to ...)
+ TODO: check
+CVE-2006-3577 (SQL injection vulnerability in index.php in LifeType 1.0.5 allows ...)
+ TODO: check
+CVE-2006-3576 (SQL injection vulnerability in Search.PHP in SenseSites CommonSense ...)
+ TODO: check
+CVE-2006-3575 (Unknown vulnerability in the Buffer Overflow Protection in McAfee ...)
+ TODO: check
+CVE-2006-3574 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi ...)
+ TODO: check
+CVE-2006-3573 (Format string vulnerability in agl_text.cpp in Milan Mimica Sparklet ...)
+ TODO: check
+CVE-2006-3572 (SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and ...)
+ TODO: check
+CVE-2006-3571 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-3570 (Cross-site scripting (XSS) vulnerability in the webform module in ...)
+ TODO: check
+CVE-2006-3569 (Unspecified vulnerability in IBM Data ONTAP 7.1 and 7.1.0.1, when used ...)
+ TODO: check
+CVE-2006-3568 (Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php ...)
+ TODO: check
+CVE-2006-3567 (Cross-site scripting (XSS) vulnerability in the web administration ...)
+ TODO: check
+CVE-2006-3566 (search.results.php in HiveMail 3.1 and earlier allows remote attackers ...)
+ TODO: check
+CVE-2006-3565 (SQL injection vulnerability in search.results.php in HiveMail 3.1 and ...)
+ TODO: check
+CVE-2006-3564 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 ...)
+ TODO: check
+CVE-2006-3563 (Cross-site scripting (XSS) vulnerability in gallery/thumb.php in ...)
+ TODO: check
+CVE-2006-3562 (PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow ...)
+ TODO: check
+CVE-2006-3561 (BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and ...)
+ TODO: check
+CVE-2006-3560 (SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums ...)
+ TODO: check
+CVE-2006-3559 (Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 ...)
+ TODO: check
+CVE-2006-3558 (Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto ...)
+ TODO: check
+CVE-2006-3557 (MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root ...)
+ TODO: check
+CVE-2006-3556 (PHP remote file inclusion vulnerability in extcalendar.php in Mohamed ...)
+ TODO: check
+CVE-2006-3555 (Multiple cross-site scripting (XSS) vulnerabilities in submit.php in ...)
+ TODO: check
+CVE-2006-3554 (Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final ...)
+ TODO: check
+CVE-2006-3553 (PlaNet Concept planetNews allows remote attackers to bypass ...)
+ TODO: check
+CVE-2006-3552 (Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and ...)
+ TODO: check
+CVE-2006-3551 (NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and ...)
+ TODO: check
+CVE-2006-3550 (Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks ...)
+ TODO: check
+CVE-2006-3549 (services/go.php in Horde Application Framework 3.0.0 through 3.0.10 ...)
+ TODO: check
+CVE-2006-3548 (Multiple cross-site scripting (XSS) vulnerabilities in Horde ...)
+ TODO: check
+CVE-2006-3547 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-3546 (Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote ...)
+ TODO: check
+CVE-2006-3545 (** DISPUTED ** Microsoft Internet Explorer 7.0 Beta allows remote ...)
+ TODO: check
+CVE-2006-3544 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB) ...)
+ TODO: check
+CVE-2006-3543 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB) ...)
+ TODO: check
+CVE-2006-3542 (Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown ...)
+ TODO: check
+CVE-2006-3541 (SQL injection vulnerability in Meine Links (aka My Links) in Kyberna ...)
+ TODO: check
+CVE-2006-3540 (Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, ...)
+ TODO: check
+CVE-2006-3539 (Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com ...)
+ TODO: check
+CVE-2006-3538 (Multiple cross-site scripting (XSS) vulnerabilities in demo.php in ...)
+ TODO: check
+CVE-2006-3537 (PHP remote file inclusion vulnerability in index.php in Randshop ...)
+ TODO: check
+CVE-2006-3536 (Direct static code injection vulnerability in code/class_db_text.php ...)
+ TODO: check
+CVE-2006-3535 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before ...)
+ TODO: check
+CVE-2006-3534 (Directory traversal vulnerability in Nullsoft SHOUTcast DSP before ...)
+ TODO: check
+CVE-2006-3533 (Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 ...)
+ TODO: check
+CVE-2006-3532 (PHP file inclusion vulnerability in includes/edit_new.php in Pivot ...)
+ TODO: check
+CVE-2006-3531 (includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates ...)
+ TODO: check
+CVE-2006-3530 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2003-1304 (EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under ...)
+ TODO: check
CVE-2006-3529 (Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, ...)
NOT-FOR-US: Juniper JUNOS
CVE-2006-3528 (Multiple PHP remote file inclusion vulnerabilities in Simpleboard ...)
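Review bot: CVE-2006-3547 is added as "(** DISPUTED ** ...)" with the rest of the description truncated away, so the entry names no product to triage against; whoever resolves its "TODO: check" has to pull the full description first. Separately, CVE-2006-3590 (mso.dll, Microsoft PowerPoint) and CVE-2006-3545 (Microsoft Internet Explorer 7.0 Beta) name products that other entries in this file already mark NOT-FOR-US, so those two can be closed directly instead of sitting in the TODO queue.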
@@ -151,10 +275,10 @@
RESERVED
CVE-2006-3454
RESERVED
-CVE-2006-3453
- RESERVED
-CVE-2006-3452
- RESERVED
+CVE-2006-3453 (Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers ...)
+ TODO: check
+CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure ...)
+ TODO: check
CVE-2006-3451
RESERVED
CVE-2006-3450
@@ -249,8 +373,7 @@
NOT-FOR-US: QTOFileManager
CVE-2006-3405 (Cross-site scripting (XSS) vulnerability in qtofm.php in ...)
NOT-FOR-US: QTOFileManager
-CVE-2006-3403 [samba tcon dos]
- RESERVED
+CVE-2006-3403 (The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote ...)
- samba <unfixed>
CVE-2006-3402 (SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers ...)
NOT-FOR-US: VirtuaStore
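Review bot: the new CVE-2006-3403 description says "smdb daemon" while the path it cites is smbd/service.c; this looks like a typo in the imported text and is better reported to the source of the description than patched by hand in an automatically updated file. The "- samba <unfixed>" line under it has no bug number or urgency, unlike "- php5 5.1.4-0.1 (bug #365312; medium)" elsewhere in this file; add both now that the entry is no longer RESERVED.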
@@ -806,8 +929,8 @@
NOT-FOR-US: Edge eCommerce Shop
CVE-2006-3136 (** DISPUTED ** ...)
NOT-FOR-US: Nucleus
-CVE-2006-3135
- RESERVED
+CVE-2006-3135 (Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and ...)
+ TODO: check
CVE-2006-3134 (Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by ...)
NOT-FOR-US: GraceNote ActiveX Control
CVE-2006-3133
@@ -964,7 +1087,7 @@
NOT-FOR-US: 5 Star Review
CVE-2006-3060 (Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote ...)
NOT-FOR-US: P.A.I.D
-CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel allows remote ...)
+CVE-2006-3059 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote ...)
NOT-FOR-US: Microsoft Excel
CVE-2006-3058
RESERVED
@@ -1060,7 +1183,7 @@
NOT-FOR-US: phpBannerExchange
CVE-2006-3012 (SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 ...)
NOT-FOR-US: phpBannerExchange
-CVE-2006-3011 (The error_log function in PHP 5.1.4 and 4.4.2 allows local users to ...)
+CVE-2006-3011 (The error_log function in basic_functions.c in PHP 5.1.4 and 4.4.2 ...)
TODO: check
CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP ...)
NOT-FOR-US: Microsoft Internet Explore
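Review bot: CVE-2006-3011 keeps "TODO: check" although its description names PHP 5.1.4 and 4.4.2, and this file tracks PHP per package elsewhere (the "- php4 ..." and "- php5 ..." lines under CVE-2006-1991); replace the TODO with php4 and php5 status lines. The trailing context also shows CVE-2003-1303, whose description concerns the imap_fetch_overview function, tagged "NOT-FOR-US: Microsoft Internet Explore"; the tag is cut short and does not match the description, so correct it in a follow-up.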
@@ -2490,8 +2613,8 @@
NOT-FOR-US: OZJournals
CVE-2006-2389 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
TODO: check
-CVE-2006-2388
- RESERVED
+CVE-2006-2388 (Microsoft Office Excel 2000 through 2004 allows user-complicit ...)
+ TODO: check
CVE-2006-2387
RESERVED
CVE-2006-2386
@@ -3397,7 +3520,7 @@
NOT-FOR-US: dForum
CVE-2006-1992 (mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, ...)
NOT-FOR-US: Microsoft Internet Explorer
-CVE-2006-1991 (The substr_compare function in string.c in PHP 4.4.2 and 5.1.2 allows ...)
+CVE-2006-1991 (The substr_compare function in string.c in PHP 5.1.2 allows ...)
- php4 <not-affected> (substr_compare does not exist in PHP 4.4.2)
- php5 5.1.4-0.1 (bug #365312; medium)
CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...)
@@ -4618,7 +4741,7 @@
- python2.4 <unfixed>
CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...)
NOT-FOR-US: EzASPSite
-CVE-2006-1540 (Microsoft Office 2002 (aka Office XP) allows user-complicit attackers ...)
+CVE-2006-1540 (MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 ...)
NOT-FOR-US: Microsoft
CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...)
- bsdgames 2.17-6 (bug #361160)
@@ -5174,24 +5297,24 @@
RESERVED
CVE-2006-1310
RESERVED
-CVE-2006-1309
- RESERVED
-CVE-2006-1308
- RESERVED
+CVE-2006-1309 (Microsoft Excel 2000 through 2004 allows user-complicit attackers to ...)
+ TODO: check
+CVE-2006-1308 (Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows ...)
+ TODO: check
CVE-2006-1307
RESERVED
-CVE-2006-1306
- RESERVED
+CVE-2006-1306 (Microsoft Excel 2000 through 2004 allows user-complicit attackers to ...)
+ TODO: check
CVE-2006-1305
RESERVED
-CVE-2006-1304
- RESERVED
+CVE-2006-1304 (Buffer overflow in Microsoft Excel 2000 through 2003 allows ...)
+ TODO: check
CVE-2006-1303 (Multiple unspecified vulnerabilities in Microsoft Internet Explorer ...)
TODO: check
-CVE-2006-1302
- RESERVED
-CVE-2006-1301
- RESERVED
+CVE-2006-1302 (Buffer overflow in Microsoft Excel 2000 through 2003 allows ...)
+ TODO: check
+CVE-2006-1301 (Microsoft Excel 2000 through 2004 allows user-complicit attackers to ...)
+ TODO: check
CVE-2006-1300 (Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, ...)
TODO: check
CVE-2006-1299
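Review bot: the six Excel entries moved out of RESERVED here (CVE-2006-1309, -1308, -1306, -1304, -1302, -1301) all land as "TODO: check", while CVE-2006-3059 in the same file already carries "NOT-FOR-US: Microsoft Excel"; mark them the same way so they do not inflate the TODO backlog. CVE-2006-1304 and CVE-2006-1302 show identical truncated descriptions, so read the full text before treating either one as a duplicate.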
@@ -10662,7 +10785,7 @@
NOT-FOR-US: Microsoft
CVE-2006-0008 (The ShellAbout API call in Korean Input Method Editor (IME) in Korean ...)
NOT-FOR-US: Microsoft
-CVE-2006-0007 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
+CVE-2006-0007 (Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 ...)
TODO: check
CVE-2006-0006 (Heap-based buffer overflow in the bitmap processing routine in ...)
NOT-FOR-US: Microsoft