[Secure-testing-commits] r4426 - data/CVE

Joey Hess joeyh at costa.debian.org
Thu Jul 20 09:14:40 UTC 2006 

Author: joeyh
Date: 2006-07-20 09:14:36 +0000 (Thu, 20 Jul 2006)
New Revision: 4426

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-07-20 03:12:17 UTC (rev 4425)
+++ data/CVE/list	2006-07-20 09:14:36 UTC (rev 4426)
@@ -1,3 +1,29 @@
+CVE-2006-3737 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-3736 (PHP remote file inclusion vulnerability in core/videodb.class.xml.php ...)
+	TODO: check
+CVE-2006-3735 (Multiple PHP remote file inclusion vulnerabilities in Mail2Forum ...)
+	TODO: check
+CVE-2006-3734 (Multiple unspecified vulnerabilities in the Command Line Interface ...)
+	TODO: check
+CVE-2006-3733 (Unspecified vulnerability in a component of the JBoss web application ...)
+	TODO: check
+CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+	TODO: check
+CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted ...)
+	TODO: check
+CVE-2006-3730 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
+	TODO: check
+CVE-2006-3729 (DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office ...)
+	TODO: check
+CVE-2006-3728 (Unspecified vulnerability in the kernel in Solaris 10 with patch ...)
+	TODO: check
+CVE-2006-3727 (Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow ...)
+	TODO: check
+CVE-2006-3726 (Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th ...)
+	TODO: check
+CVE-2006-3725 (Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a ...)
+	TODO: check
 CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...)
@@ -272,8 +298,8 @@
 	- webauth 3.5.2-1
 CVE-2006-3590 (Unspecified vulnerability in mso.dll, as used by Microsoft PowerPoint ...)
 	NOT-FOR-US: Microsoft PowerPoint
-CVE-2006-3589
-	RESERVED
+CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure ...)
+	TODO: check
 CVE-2006-3588 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
 	NOT-FOR-US: Macromedia Flash Player 8
 CVE-2006-3587 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
@@ -513,6 +539,7 @@
 CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not ...)
 	NOT-FOR-US: Dell Openmanage CD
 CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...)
+	{DSA-1112}
 	TODO: check
 CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...)
 	TODO: check
@@ -534,7 +561,7 @@
 	RESERVED
 CVE-2006-3459
 	RESERVED
-CVE-2006-3486 (Off-by-one buffer overflow in the ...)
+CVE-2006-3486 (** DISPUTED ** ...)
 	- mysql-dfsg-5.0 <unfixed> (unimportant)
 	[sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present)
 	[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
@@ -755,6 +782,7 @@
 CVE-2006-XXXX [trac: reStructuredText breach of privacy and denial of service]
 	- trac 0.9.6-1
 CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does ...)
+	{DSA-1113}
 	- zope2.7 <removed> (bug #377285; medium)
 	- zope2.8 2.8.7-2 (bug #377277; medium)
 	- zope2.9 2.9.3-3 (bug #377286; medium)
@@ -1310,6 +1338,7 @@
 	- gnupg 1.4.3-2 (bug #375052; low)
 	- gnupg2 1.9.20-1.1 (bug #375053; low)
 CVE-2006-3081 (mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x ...)
+	{DSA-1112}
 	- mysql-server-5.0 5.0.19-1 (bug #373913; high)
 CVE-2006-3100 [termnetd buffer overflow]
 	RESERVED

More information about the Secure-testing-commits mailing list