[Secure-testing-commits] r3954 - data/CVE
Joey Hess
joeyh at costa.debian.org
Mon May 15 09:14:28 UTC 2006
Author: joeyh
Date: 2006-05-15 09:14:23 +0000 (Mon, 15 May 2006)
New Revision: 3954
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-14 17:37:28 UTC (rev 3953)
+++ data/CVE/list 2006-05-15 09:14:23 UTC (rev 3954)
@@ -1,3 +1,37 @@
+CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...)
+ TODO: check
+CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...)
+ TODO: check
+CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 ...)
+ TODO: check
+CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional ...)
+ TODO: check
+CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch ...)
+ TODO: check
+CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 ...)
+ TODO: check
+CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+ TODO: check
+CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...)
+ TODO: check
+CVE-2006-2350 (SQL injection vulnerability in the inc/elementz.php script in AliPAGER ...)
+ TODO: check
+CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in ...)
+ TODO: check
+CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows ...)
+ TODO: check
+CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in ...)
+ TODO: check
+CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with ...)
+ TODO: check
+CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...)
+ TODO: check
+CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote ...)
+ TODO: check
CVE-2006-XXXX [dovecot information disclosure: list .. directory]
- dovecot 1.0.beta8-1 (low)
[sarge] - dovecot <not-affected> (vulnerability introduced in 1.0)
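Review bot: All 17 entries added at the top of the file (CVE-2006-2342 through CVE-2006-2358) carry only `TODO: check`, so none of them has a tracked status yet. The Ipswitch WhatsUp Professional, AliPAGER, E-Business Designer, ManageEngine and IBM WebSphere entries look like candidates for the `NOT-FOR-US:` tag this file already uses, once confirmed against the archive. CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled) and the two XSS entries whose product name is cut off by the truncated description (CVE-2006-2358, CVE-2006-2348) need the full description read before they are tagged.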
@@ -209,8 +243,8 @@
NOT-FOR-US: Fujitsu NetShelter/FW
CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...)
NOT-FOR-US: Newsadmin
-CVE-2006-2238
- RESERVED
+CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+ TODO: check
CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
- awstats 6.5-2 (bug #365909; medium)
CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
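Review bot: CVE-2006-2238 moves from `RESERVED` to `TODO: check` with an Apple QuickTime 7.1 description, which leaves it open even though other Apple-only entries in this list are closed with a tag such as `NOT-FOR-US: Apple`. Suggest resolving it in the same pass as the other QuickTime 7.1 entries this revision adds, so the group gets one consistent tag.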
@@ -333,7 +367,7 @@
NOT-FOR-US: zenphoto
CVE-2006-2185
RESERVED
-CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB ...)
+CVE-2006-2184 (** DISPUTED ** ...)
NOT-FOR-US: PHPKB Knowledge Base
CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when running ...)
NOT-FOR-US: Truecrypt
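Review bot: The replacement description for CVE-2006-2184, `(** DISPUTED ** ...)`, drops everything the old line said about the issue (XSS in search.php in PHPKB), because the dispute marker uses up the truncated summary. The `NOT-FOR-US: PHPKB Knowledge Base` line still names the product, but the vulnerability class is no longer visible in the list. A `NOTE:` line under the entry, as used for CVE-2006-1986, would keep that context.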
@@ -773,7 +807,7 @@
CVE-2006-1986 (Apple Safari 2.0.3 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Apple Safari
NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1985 (Heap-based buffer overflow in BOMArchiveHelper 10.4 (6.3) Build 312, ...)
+CVE-2006-1985 (Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build ...)
NOT-FOR-US: BOMArchiveHelper
CVE-2006-1984 (Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X ...)
NOT-FOR-US: Mac OS X
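Review bot: The new summary for CVE-2006-1985 reads `BOM BOMArchiveHelper`, which looks like a duplicated token. If that is how the upstream description now begins, nothing needs changing here and the `NOT-FOR-US: BOMArchiveHelper` tag still applies; it is worth confirming the import did not mangle the line.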
@@ -1089,7 +1123,7 @@
RESERVED
CVE-2006-1855
RESERVED
-CVE-2006-1854 (Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager ...)
+CVE-2006-1854 (** DISPUTED ** ...)
NOT-FOR-US: BluePay Manager
CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier ...)
NOT-FOR-US: ModernBill
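Review bot: CVE-2006-1854 now shows only `(** DISPUTED ** ...)`, so a search of the list for BluePay XSS issues will match the tag line but not the summary. The status is unaffected since the entry stays `NOT-FOR-US: BluePay Manager`; a short `NOTE:` stating what is disputed would make the entry self-explanatory.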
@@ -1885,7 +1919,7 @@
NOT-FOR-US: VSNS Lemon
CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in VSNS ...)
NOT-FOR-US: VSNS Lemon
-CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to ...)
+CVE-2006-1552 (Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows ...)
NOT-FOR-US: Apple
CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX ...)
NOT-FOR-US: PAJAX
@@ -2013,7 +2047,7 @@
CVE-2006-1520
RESERVED
CVE-2006-1519
- RESERVED
+ REJECTED
CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in MySQL ...)
- mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
- mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
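Review bot: CVE-2006-1519 changes from `RESERVED` to `REJECTED` with no explanation under the entry. If the rejection notice names a reason or a replacement id, record it in a `NOTE:` line so that later references to CVE-2006-1519 can be followed to the right entry.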
@@ -2160,60 +2194,60 @@
RESERVED
CVE-2006-1466
RESERVED
-CVE-2006-1465
- RESERVED
-CVE-2006-1464
- RESERVED
-CVE-2006-1463
- RESERVED
-CVE-2006-1462
- RESERVED
-CVE-2006-1461
- RESERVED
-CVE-2006-1460
- RESERVED
-CVE-2006-1459
- RESERVED
-CVE-2006-1458
- RESERVED
-CVE-2006-1457
- RESERVED
-CVE-2006-1456
- RESERVED
-CVE-2006-1455
- RESERVED
-CVE-2006-1454
- RESERVED
-CVE-2006-1453
- RESERVED
-CVE-2006-1452
- RESERVED
-CVE-2006-1451
- RESERVED
-CVE-2006-1450
- RESERVED
-CVE-2006-1449
- RESERVED
-CVE-2006-1448
- RESERVED
-CVE-2006-1447
- RESERVED
-CVE-2006-1446
- RESERVED
-CVE-2006-1445
- RESERVED
-CVE-2006-1444
- RESERVED
-CVE-2006-1443
- RESERVED
-CVE-2006-1442
- RESERVED
-CVE-2006-1441
- RESERVED
-CVE-2006-1440
- RESERVED
-CVE-2006-1439
- RESERVED
+CVE-2006-1465 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers to ...)
+ TODO: check
+CVE-2006-1464 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers to ...)
+ TODO: check
+CVE-2006-1463 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+ TODO: check
+CVE-2006-1462 (Multiple integer overflows in Apple QuickTime 7.1 allow remote ...)
+ TODO: check
+CVE-2006-1461 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote ...)
+ TODO: check
+CVE-2006-1460 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote ...)
+ TODO: check
+CVE-2006-1459 (Multiple integer overflows in Apple QuickTime 7.1 allow remote ...)
+ TODO: check
+CVE-2006-1458 (Integer overflow in Apple QuickTime Player 7.1 allows remote attackers ...)
+ TODO: check
+CVE-2006-1457 (Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after ...)
+ TODO: check
+CVE-2006-1456 (Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 ...)
+ TODO: check
+CVE-2006-1455 (QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+ TODO: check
+CVE-2006-1454 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+ TODO: check
+CVE-2006-1453 (Stack-based buffer overflow in Apple QuickTime 7.1 allows remote ...)
+ TODO: check
+CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to ...)
+ TODO: check
+CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a ...)
+ TODO: check
+CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to ...)
+ TODO: check
+CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows ...)
+ TODO: check
+CVE-2006-1448 (Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-complicit ...)
+ TODO: check
+CVE-2006-1447 (LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to ...)
+ TODO: check
+CVE-2006-1446 (Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an ...)
+ TODO: check
+CVE-2006-1445 (Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 ...)
+ TODO: check
+CVE-2006-1444 (CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for ...)
+ TODO: check
+CVE-2006-1443 (Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and ...)
+ TODO: check
+CVE-2006-1442 (The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 ...)
+ TODO: check
+CVE-2006-1441 (Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote ...)
+ TODO: check
+CVE-2006-1440 (BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite ...)
+ TODO: check
+CVE-2006-1439 (NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not ...)
+ TODO: check
CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
NOT-FOR-US: aphpkb
CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under the web ...)
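Review bot: The 27 entries CVE-2006-1439 through CVE-2006-1465 all switch from `RESERVED` to `TODO: check` in one block, and every visible summary names Apple QuickTime or a component of Apple Mac OS X. Most can probably be closed together with the `NOT-FOR-US:` tag used for the existing Apple entries, but the truncated summaries for CVE-2006-1451 (MySQL Manager) and CVE-2006-1445 (FTP server) do not show whether the affected code is Apple-specific, so those two should be read in full before they are tagged with the rest.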