[Secure-testing-commits] r4129 - data/CVE

Sat Jun 3 19:30:13 UTC 2006

Author: djoume-guest
Date: 2006-06-03 19:30:11 +0000 (Sat, 03 Jun 2006)
New Revision: 4129

Modified:
   data/CVE/list
Log:
* some NFUs
* php curl vulnerability


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-06-03 18:38:56 UTC (rev 4128)
+++ data/CVE/list	2006-06-03 19:30:11 UTC (rev 4129)
@@ -182,19 +182,20 @@
 CVE-2006-2570 (PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 ...)
 	NOT-FOR-US: CaLogic Calendars
 CVE-2006-2569 (SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and ...)
-	TODO: check
+	NOT-FOR-US: Linklist
 CVE-2006-2568 (PHP remote file inclusion vulnerability in addpost_newpoll.php in ...)
-	TODO: check
+	NOT-FOR-US: UBB.threads
 CVE-2006-2567 (Cross-site scripting (XSS) vulnerability in submit_article.php in ...)
-	TODO: check
+	NOT-FOR-US: Alstrasoft Article Manager Pro
 CVE-2006-2566 (Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Alstrasoft Article Manager Pro
 CVE-2006-2565 (SQL injection vulnerability in Alstrasoft Article Manager Pro 1.6 ...)
-	TODO: check
+	NOT-FOR-US: Alstrasoft Article Manager Pro
 CVE-2006-2564 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: Alstrasoft Article Manager Pro
 CVE-2006-2563 (The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to ...)
-	TODO: check
+	- php4-curl <unfixed> (bug filed)
+	- php5-curl <unfixed> (bug filed)
 CVE-2006-2562 (ZyXEL P-335WT router allows remote attackers to bypass access ...)
 	TODO: check
 CVE-2006-2561 (Edimax BR-6104K router allows remote attackers to bypass access ...)
@@ -2886,7 +2887,7 @@
 CVE-2006-1467
 	RESERVED
 CVE-2006-1466 (Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2006-1465 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)
 	NOT-FOR-US: Apple
 CVE-2006-1464 (Buffer overflow in Apple QuickTime before 7.1 allows remote attackers ...)


