[Secure-testing-commits] r4316 - data/CVE

Joey Hess joeyh at costa.debian.org
Thu Jun 29 09:14:31 UTC 2006


Author: joeyh
Date: 2006-06-29 09:14:29 +0000 (Thu, 29 Jun 2006)
New Revision: 4316

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-06-29 07:08:20 UTC (rev 4315)
+++ data/CVE/list	2006-06-29 09:14:29 UTC (rev 4316)
@@ -1,3 +1,169 @@
+CVE-2006-3310
+	RESERVED
+CVE-2006-3309 (SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal ...)
+	TODO: check
+CVE-2006-3308 (Unspecified vulnerability in the wpprop code for Project EROS ...)
+	TODO: check
+CVE-2006-3307 (Multiple SQL injection vulnerabilities in Project EROS bbsengine ...)
+	TODO: check
+CVE-2006-3306 (Cross-site scripting (XSS) vulnerability in the preparestring funtion ...)
+	TODO: check
+CVE-2006-3305 (Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau ...)
+	TODO: check
+CVE-2006-3304 (SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier ...)
+	TODO: check
+CVE-2006-3303 (Multiple cross-site scripting (XSS) vulnerabilities in pm.php in ...)
+	TODO: check
+CVE-2006-3302 (PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS ...)
+	TODO: check
+CVE-2006-3301 (Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin ...)
+	TODO: check
+CVE-2006-3300 (PHP remote file inclusion vulnerability in sms_config/gateway.php in ...)
+	TODO: check
+CVE-2006-3299 (Cross-site scripting (XSS) vulnerability in index.php in Usenet Script ...)
+	TODO: check
+CVE-2006-3298 (Yahoo! Messenger 7.5.0.814 and 7.0.438 allows remote attackers to ...)
+	TODO: check
+CVE-2006-3297 (Cross-site scripting (XSS) vulnerability in error.php in UebiMiau ...)
+	TODO: check
+CVE-2006-3296 (SQL injection vulnerability in view.php in Open Guestbook 0.5 allows ...)
+	TODO: check
+CVE-2006-3295 (Cross-site scripting (XSS) vulnerability in header.php in Open ...)
+	TODO: check
+CVE-2006-3294 (PHP remote file inclusion vulnerability in mod_cbsms_messages.php in ...)
+	TODO: check
+CVE-2006-3293 (parse_notice (TiCPU) in EnergyMech (emech) before 3.0.2 allows remote ...)
+	TODO: check
+CVE-2006-3292 (SQL injection vulnerability in the Search gadget in Jaws 0.6.2 allows ...)
+	TODO: check
+CVE-2006-3291 (The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on ...)
+	TODO: check
+CVE-2006-3290 (HTTP server in Cisco Wireless Control System (WCS) for Linux and ...)
+	TODO: check
+CVE-2006-3289 (Cross-site scripting (XSS) vulnerability in the login page of the HTTP ...)
+	TODO: check
+CVE-2006-3288 (Unspecified vulnerability in the TFTP server in Cisco Wireless Control ...)
+	TODO: check
+CVE-2006-3287 (Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and ...)
+	TODO: check
+CVE-2006-3286 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
+	TODO: check
+CVE-2006-3285 (The internal database in Cisco Wireless Control System (WCS) for Linux ...)
+	TODO: check
+CVE-2006-3284 (Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 ...)
+	TODO: check
+CVE-2006-3283 (SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote ...)
+	TODO: check
+CVE-2006-3282 (requirements.php in Dating Agent PRO 4.7.1 allows remote attackers to ...)
+	TODO: check
+CVE-2006-3281 (Microsoft Internet Explorer 6.0 allows remote user-complicit attackers ...)
+	TODO: check
+CVE-2006-3280 (Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows ...)
+	TODO: check
+CVE-2006-3279 (Cross-site scripting (XSS) vulnerability in aeDating 4.1 allows remote ...)
+	TODO: check
+CVE-2006-3278 (Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and ...)
+	TODO: check
+CVE-2006-3277 (Unspecified vulnerability in the SMTP service of MailEnable Standard ...)
+	TODO: check
+CVE-2006-3276 (Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and ...)
+	TODO: check
+CVE-2006-3275 (SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and ...)
+	TODO: check
+CVE-2006-3274 (Directory traversal vulnerability in Webmin before 1.280, when run on ...)
+	TODO: check
+CVE-2006-3273 (Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 ...)
+	TODO: check
+CVE-2006-3272 (Cross-site request forgery (CSRF) vulnerability in menu.php in Some ...)
+	TODO: check
+CVE-2006-3271 (Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow ...)
+	TODO: check
+CVE-2006-3270 (SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows ...)
+	TODO: check
+CVE-2006-3269 (PHP remote file inclusion vulnerability in includes/functions_cms.php ...)
+	TODO: check
+CVE-2006-3268
+	RESERVED
+CVE-2006-3267 (SQL injection vulnerability in index.php in Infinite Core Technologies ...)
+	TODO: check
+CVE-2006-3266 (Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite ...)
+	TODO: check
+CVE-2006-3265 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2006-3264 (Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo ...)
+	TODO: check
+CVE-2006-3263 (SQL injection vulnerability in the Weblinks module (weblinks.php) in ...)
+	TODO: check
+CVE-2006-3262 (SQL injection vulnerability in the Weblinks module (weblinks.php) in ...)
+	TODO: check
+CVE-2006-3261 (Cross-site scripting (XSS) vulnerability in Trend Micro Control ...)
+	TODO: check
+CVE-2006-3260 (Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 ...)
+	TODO: check
+CVE-2006-3259 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 ...)
+	TODO: check
+CVE-2006-3258 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...)
+	TODO: check
+CVE-2006-3257 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 ...)
+	TODO: check
+CVE-2006-3256 (SQL injection vulnerability in report.php in Woltlab Burning Board ...)
+	TODO: check
+CVE-2006-3255 (SQL injection vulnerability in showmods.php in Woltlab Burning Board ...)
+	TODO: check
+CVE-2006-3254 (SQL injection vulnerability in newthread.php in Woltlab Burning Board ...)
+	TODO: check
+CVE-2006-3253 (Cross-site scripting (XSS) vulnerability in member.php in vBulletin ...)
+	TODO: check
+CVE-2006-3252 (Buffer overflow in the Online Registration Facility for Algorithmic ...)
+	TODO: check
+CVE-2006-3251 (Heap-based buffer overflow in the array_push function in hashcash.c ...)
+	TODO: check
+CVE-2006-3250 (Heap-based buffer overflow in Windows Live Messenger 8.0 allows ...)
+	TODO: check
+CVE-2006-3249 (SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier ...)
+	TODO: check
+CVE-2006-3248 (SQL injection vulnerability in calendar.php in Codewalkers PHP Event ...)
+	TODO: check
+CVE-2006-3247 (Multiple cross-site scripting (XSS) vulnerabilities in show.php in ...)
+	TODO: check
+CVE-2006-3246 (Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf ...)
+	TODO: check
+CVE-2006-3245 (Multiple cross-site scripting (XSS) vulnerabilities in activatemember ...)
+	TODO: check
+CVE-2006-3244 (Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier ...)
+	TODO: check
+CVE-2006-3243 (SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) ...)
+	TODO: check
+CVE-2006-3242 (Stack-based buffer overflow in the browse_get_namespace function in ...)
+	TODO: check
+CVE-2006-3241 (Cross-site scripting (XSS) vulnerability in messages.php in XennoBB ...)
+	TODO: check
+CVE-2006-3240 (Cross-site scripting (XSS) vulnerability in classes/ui.class.php in ...)
+	TODO: check
+CVE-2006-3239 (SQL injection vulnerability in message.php in VBZooM 1.11 and earlier ...)
+	TODO: check
+CVE-2006-3238 (Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier ...)
+	TODO: check
+CVE-2006-3237 (Cross-site scripting (XSS) vulnerability in index.php in Enterprise ...)
+	TODO: check
+CVE-2006-3236 (Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier ...)
+	TODO: check
+CVE-2006-3235 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2006-3234 (Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 ...)
+	TODO: check
+CVE-2006-3233 (Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in ...)
+	TODO: check
+CVE-2006-3232 (Unspecified vulnerability in IBM WebSphere Application Server before ...)
+	TODO: check
+CVE-2006-3231 (Unspecified vulnerability in IBM WebSphere Application Server before ...)
+	TODO: check
+CVE-2006-3230 (Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus ...)
+	TODO: check
+CVE-2006-3229 (Cross-site scripting (XSS) vulnerability in OpenWebMail (OWM) 2.52, ...)
+	TODO: check
+CVE-2006-3228 (Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including ...)
+	TODO: check
 CVE-2006-3227 (Interpretation conflict between Internet Explorer and other web ...)
 	NOT-FOR-US: Internet Explorer
 CVE-2006-3226 (Cisco Secure Access Control Server (ACS) 4.x for Windows uses the ...)
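Review bot: the added block leaves every described entry at "TODO: check", including two for a product the list has already triaged. CVE-2006-3281 and CVE-2006-3280 are Microsoft Internet Explorer 6.0 issues, while CVE-2006-3227, directly after the block, is tagged "NOT-FOR-US: Internet Explorer". Suggest tagging those two the same way in a follow-up, so that the remaining TODO items are the ones that still need a real check.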
@@ -6,8 +172,8 @@
 	NOT-FOR-US: Sun ONE Application Server
 CVE-2006-3224 (Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote ...)
 	NOT-FOR-US: Apple Safari
-CVE-2006-3223
-	RESERVED
+CVE-2006-3223 (Format string vulnerability in CA Integrated Threat Management (ITM), ...)
+	TODO: check
 CVE-2006-3222 (The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 ...)
 	NOT-FOR-US: Fortinet FortiOS
 CVE-2006-3221 (SQL injection vulnerability in index.php in DataLife Engine 4.1 and ...)
@@ -186,8 +352,8 @@
 	TODO: check
 CVE-2006-3135
 	RESERVED
-CVE-2006-3134
-	RESERVED
+CVE-2006-3134 (Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by ...)
+	TODO: check
 CVE-2006-3133
 	RESERVED
 CVE-2006-3132 (Cross-site scripting (XSS) vulnerability in qtofm.php4 in ...)
@@ -438,8 +604,8 @@
 	NOT-FOR-US: phpBannerExchange
 CVE-2006-3012 (SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 ...)
 	NOT-FOR-US: phpBannerExchange
-CVE-2006-3011
-	RESERVED
+CVE-2006-3011 (The error_log function in PHP 5.1.4 and 4.4.2 allows local users to ...)
+	TODO: check
 CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP ...)
 	NOT-FOR-US: Microsoft Internet Explore
 CVE-2003-1302 (The IMAP functionality in PHP before 4.3.1 allows remote attackers to ...)
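Review bot: in the unchanged context just below the CVE-2006-3011 change, CVE-2003-1303 is described as a buffer overflow in the imap_fetch_overview function but tagged "NOT-FOR-US: Microsoft Internet Explore". That tag is cut short and does not obviously match the description; the next entry, CVE-2003-1302, is about the IMAP functionality in PHP. Worth rechecking it while CVE-2006-3011, which names PHP 5.1.4 and 4.4.2, is still at "TODO: check".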
@@ -2305,8 +2471,7 @@
 	NOT-FOR-US: Invision Gallery
 CVE-2006-2201 (Unspecified vulnerability in CA Resource Initialization Manager ...)
 	NOT-FOR-US: CA Resource Initialization Manager
-CVE-2006-2200 [mimms/libmms bufferoverflows in mms / mmsh parsers]
-	RESERVED
+CVE-2006-2200 (Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to ...)
 	- libmms 0.2-5 (bug #374577; medium)
 	- mimms 2.0.0-1 (bug #374577; medium)
 CVE-2006-2199
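Review bot: replacing the bracketed note on CVE-2006-2200 drops the only visible statement that the overflows are in the mms / mmsh parsers of both mimms and libmms. The new description, as far as it is shown, names only MiMMS 0.0.9, while the entry still tracks "- libmms 0.2-5 (bug #374577; medium)". Suggest keeping the old wording as a comment under the entry so the libmms line stays explained.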
@@ -3635,7 +3800,7 @@
 	NOT-FOR-US: Jupiter CMS
 CVE-2006-1678 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	- phpmyadmin 4:2.8.0.3-1 (bug #362567)
-CVE-2006-1677 (MAXdev MD-Pro 1.0.73 and 1.0.72 allows remote attackers to obtain the ...)
+CVE-2006-1677 (MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before ...)
 	NOT-FOR-US: MAXdev MD-Pro
 CVE-2006-1676 (SQL injection vulnerability in the display function in the Topics ...)
 	NOT-FOR-US: MAXdev MD-Pro
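Review bot: the description of CVE-2006-1677 now spells the product "MDPro", while the tag under it and the tag on CVE-2006-1676 still read "NOT-FOR-US: MAXdev MD-Pro". The triage result is unchanged, but a search of the list for one spelling will now miss the other; consider carrying both spellings in the tag.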
@@ -4198,16 +4363,15 @@
 	RESERVED
 CVE-2006-1472
 	RESERVED
-CVE-2006-1471
-	RESERVED
-CVE-2006-1470 [openldap assert dos]
-	RESERVED
+CVE-2006-1471 (Format string vulnerability in launchd in Apple Mac OS X 10.4 up to ...)
+	TODO: check
+CVE-2006-1470 (OpenLDAP Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to ...)
 	- openldap2 <not-affected> (Vulnerable code not present)
 	- openldap2.2 <unfixed> (medium)
-CVE-2006-1469
-	RESERVED
-CVE-2006-1468
-	RESERVED
+CVE-2006-1469 (Stack-based buffer overflow ImageIO in Apple Mac OS X 10.4 up to ...)
+	TODO: check
+CVE-2006-1468 (Unspecified vulnerability in AFP server in Apple Mac OS X 10.4 up to ...)
+	TODO: check
 CVE-2006-1467
 	RESERVED
 CVE-2006-1466 (Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects ...)
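Review bot: CVE-2006-1470 loses its "[openldap assert dos]" note and gains a description scoped to Apple Mac OS X 10.4 up to 10.4.6, yet it still carries "- openldap2.2 <unfixed> (medium)". The visible part of the new text no longer says what the bug is or why the package is tracked as affected; suggest keeping the removed wording as a comment under the entry. In the same hunk, CVE-2006-1471, CVE-2006-1469 and CVE-2006-1468 name launchd, ImageIO and the AFP server in Apple Mac OS X and are left at "TODO: check".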
@@ -5819,7 +5983,7 @@
 	- thunderbird 1.5.0.2-1 (high)
 	[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (high)
 	- xulrunner 1.8.0.1-9
-CVE-2006-0747 (integer underflow in Freetype before 2.2 allows remote attackers to ...)
+CVE-2006-0747 (Integer underflow in Freetype before 2.2 allows remote attackers to ...)
 	{DSA-1095-1}
 	- freetype 2.2.1-1 (medium)
 CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...)
@@ -6590,8 +6754,7 @@
 	- irssi-text <not-affected> (Only 0.8.10rc versions are affected)
 CVE-2006-0457 (Race condition in the (1) add_key, (2) request_key, and (3) keyctl ...)
 	- linux-2.6 <unfixed>
-CVE-2006-0456 [kernel: strlen_user() DoS on s390]
-	RESERVED
+CVE-2006-0456 (The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 ...)
 	{DSA-1103}
 	- linux-2.6 2.6.16-1
 CVE-2006-0455 (gpgv in GnuPG before 1.4.2.1, when using unattended signature ...)
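Review bot: the removed note on CVE-2006-0456 names strlen_user(), while the new description names the strnlen_user function. One of the two is presumably a typo, and it is worth confirming which function the "- linux-2.6 2.6.16-1" fix line refers to. Separately, the reference here is written "{DSA-1103}" with no revision suffix, whereas CVE-2006-0747 in the previous hunk uses "{DSA-1095-1}"; pick one form.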



