[Secure-testing-commits] r3954 - data/CVE

Joey Hess joeyh at costa.debian.org
Mon May 15 09:14:28 UTC 2006


Author: joeyh
Date: 2006-05-15 09:14:23 +0000 (Mon, 15 May 2006)
New Revision: 3954

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-14 17:37:28 UTC (rev 3953)
+++ data/CVE/list	2006-05-15 09:14:23 UTC (rev 3954)
@@ -1,3 +1,37 @@
+CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...)
+	TODO: check
+CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...)
+	TODO: check
+CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 ...)
+	TODO: check
+CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional ...)
+	TODO: check
+CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch ...)
+	TODO: check
+CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 ...)
+	TODO: check
+CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+	TODO: check
+CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+	TODO: check
+CVE-2006-2350 (SQL injection vulnerability in the inc/elementz.php script in AliPAGER ...)
+	TODO: check
+CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+	TODO: check
+CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in ...)
+	TODO: check
+CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+	TODO: check
+CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows ...)
+	TODO: check
+CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in ...)
+	TODO: check
+CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with ...)
+	TODO: check
+CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
+	TODO: check
+CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote ...)
+	TODO: check
 CVE-2006-XXXX [dovecot information disclosure: list .. directory]
 	- dovecot 1.0.beta8-1 (low)
 	[sarge] - dovecot <not-affected> (vulnerability introduced in 1.0)
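Review bot: in the block of 17 new entries at the top, the truncated summaries do not distinguish CVE-2006-2350 from CVE-2006-2344 (both SQL injection in inc/elementz.php in AliPAGER) or CVE-2006-2349 from CVE-2006-2347 (identical visible text for E-Business Designer 3.1.4). Read the full descriptions for each pair before tagging, so that one is not closed by analogy with the other. The seven Ipswitch WhatsUp entries (CVE-2006-2351 through CVE-2006-2357) can be triaged as one group. CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15) names specific versions, so check it against the archive rather than leaving it in the TODO pile.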
@@ -209,8 +243,8 @@
 	NOT-FOR-US: Fujitsu NetShelter/FW
 CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...)
 	NOT-FOR-US: Newsadmin
-CVE-2006-2238
-	RESERVED
+CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+	TODO: check
 CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
 	- awstats 6.5-2 (bug #365909; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
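Review bot: CVE-2006-2238 moves from RESERVED to a bare "TODO: check" although its summary already names Apple QuickTime 7.1. Other Apple entries visible in this patch (Apple Safari, Mac OS X, BOMArchiveHelper) carry NOT-FOR-US, so if QuickTime is not in the archive this one can take the same tag in a follow-up, together with the QuickTime entries added further down.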
@@ -333,7 +367,7 @@
 	NOT-FOR-US: zenphoto
 CVE-2006-2185
 	RESERVED
-CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB ...)
+CVE-2006-2184 (** DISPUTED ** ...)
 	NOT-FOR-US: PHPKB Knowledge Base
 CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when running ...)
 	NOT-FOR-US: Truecrypt
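Review bot: on CVE-2006-2184 the truncated summary is now only "** DISPUTED ** ...", so the list no longer records what the issue is or which part is disputed; the "NOT-FOR-US: PHPKB Knowledge Base" line is the only remaining hint. Consider having the update script keep the text that follows the DISPUTED marker within the truncation limit, or add a NOTE line to the entry. CVE-2006-1854 later in this patch loses its summary in the same way.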
@@ -773,7 +807,7 @@
 CVE-2006-1986 (Apple Safari 2.0.3 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Apple Safari
 	NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1985 (Heap-based buffer overflow in BOMArchiveHelper 10.4 (6.3) Build 312, ...)
+CVE-2006-1985 (Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build ...)
 	NOT-FOR-US: BOMArchiveHelper
 CVE-2006-1984 (Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X ...)
 	NOT-FOR-US: Mac OS X
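Review bot: the new summary for CVE-2006-1985 reads "BOM BOMArchiveHelper", which looks like a doubled token unless the upstream text now means the BOM component (CVE-2006-1440 in this same patch is described as "BOM in Apple Mac OS X"). Confirm against the full description that "NOT-FOR-US: BOMArchiveHelper" still names the right component.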
@@ -1089,7 +1123,7 @@
 	RESERVED
 CVE-2006-1855
 	RESERVED
-CVE-2006-1854 (Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager ...)
+CVE-2006-1854 (** DISPUTED ** ...)
 	NOT-FOR-US: BluePay Manager
 CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...)
 	NOT-FOR-US: ModernBill
@@ -1885,7 +1919,7 @@
 	NOT-FOR-US: VSNS Lemon 
 CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS ...)
 	NOT-FOR-US: VSNS Lemon 
-CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to ...)
+CVE-2006-1552 (Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows ...)
 	NOT-FOR-US: Apple 
 CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX ...)
 	NOT-FOR-US: PAJAX
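Review bot: the tag lines around CVE-2006-1552 end in a trailing space ("NOT-FOR-US: Apple " and both "NOT-FOR-US: VSNS Lemon " lines), and "Apple" is vaguer than the product names used for the neighbouring entries (Mac OS X, Apple Safari). Since the summary now says "Integer overflow in ImageIO in Apple Mac OS X", a follow-up could strip the trailing whitespace and name the product in the tag.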
@@ -2013,7 +2047,7 @@
 CVE-2006-1520
 	RESERVED
 CVE-2006-1519
-	RESERVED
+	REJECTED
 CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)
 	- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
 	- mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
@@ -2160,60 +2194,60 @@
 	RESERVED
 CVE-2006-1466
 	RESERVED
-CVE-2006-1465
-	RESERVED
-CVE-2006-1464
-	RESERVED
-CVE-2006-1463
-	RESERVED
-CVE-2006-1462
-	RESERVED
-CVE-2006-1461
-	RESERVED
-CVE-2006-1460
-	RESERVED
-CVE-2006-1459
-	RESERVED
-CVE-2006-1458
-	RESERVED
-CVE-2006-1457
-	RESERVED
-CVE-2006-1456
-	RESERVED
-CVE-2006-1455
-	RESERVED
-CVE-2006-1454
-	RESERVED
-CVE-2006-1453
-	RESERVED
-CVE-2006-1452
-	RESERVED
-CVE-2006-1451
-	RESERVED
-CVE-2006-1450
-	RESERVED
-CVE-2006-1449
-	RESERVED
-CVE-2006-1448
-	RESERVED
-CVE-2006-1447
-	RESERVED
-CVE-2006-1446
-	RESERVED
-CVE-2006-1445
-	RESERVED
-CVE-2006-1444
-	RESERVED
-CVE-2006-1443
-	RESERVED
-CVE-2006-1442
-	RESERVED
-CVE-2006-1441
-	RESERVED
-CVE-2006-1440
-	RESERVED
-CVE-2006-1439
-	RESERVED
+CVE-2006-1465 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers to ...)
+	TODO: check
+CVE-2006-1464 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers to ...)
+	TODO: check
+CVE-2006-1463 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+	TODO: check
+CVE-2006-1462 (Multiple integer overflows in Apple QuickTime 7.1 allow remote ...)
+	TODO: check
+CVE-2006-1461 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote ...)
+	TODO: check
+CVE-2006-1460 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote ...)
+	TODO: check
+CVE-2006-1459 (Multiple integer overflows in Apple QuickTime 7.1 allow remote ...)
+	TODO: check
+CVE-2006-1458 (Integer overflow in Apple QuickTime Player 7.1 allows remote attackers ...)
+	TODO: check
+CVE-2006-1457 (Safari on Apple Mac OS X 10.4.6, when &quot;Open `safe' files after ...)
+	TODO: check
+CVE-2006-1456 (Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 ...)
+	TODO: check
+CVE-2006-1455 (QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+	TODO: check
+CVE-2006-1454 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+	TODO: check
+CVE-2006-1453 (Stack-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+	TODO: check
+CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to ...)
+	TODO: check
+CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a ...)
+	TODO: check
+CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to ...)
+	TODO: check
+CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+	TODO: check
+CVE-2006-1448 (Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-complicit ...)
+	TODO: check
+CVE-2006-1447 (LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to ...)
+	TODO: check
+CVE-2006-1446 (Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an ...)
+	TODO: check
+CVE-2006-1445 (Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 ...)
+	TODO: check
+CVE-2006-1444 (CoreGraphics in Apple Mac OS X 10.4.6, when &quot;Enable access for ...)
+	TODO: check
+CVE-2006-1443 (Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and ...)
+	TODO: check
+CVE-2006-1442 (The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 ...)
+	TODO: check
+CVE-2006-1441 (Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote ...)
+	TODO: check
+CVE-2006-1440 (BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite ...)
+	TODO: check
+CVE-2006-1439 (NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not ...)
+	TODO: check
 CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
 	NOT-FOR-US: aphpkb
 CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under the web ...)
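Review bot: the new summaries for CVE-2006-1457 and CVE-2006-1444 contain a literal "&quot;" entity, which means the update script is copying HTML-escaped text into the list without decoding it; decode entities before writing so that searches for the quoted option names match. Separately, all 27 entries leaving RESERVED in this hunk (CVE-2006-1439 through CVE-2006-1465) name Apple QuickTime or Mac OS X components, so they can be triaged in one pass instead of one at a time. Note that CVE-2006-1451 is "MySQL Manager in Apple Mac OS X", which should not be matched to the mysql-dfsg packages by name alone.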



