[Secure-testing-commits] r4801 - data/CVE
Joey Hess
joeyh at costa.debian.org
Tue Oct 3 09:14:24 UTC 2006
Author: joeyh
Date: 2006-10-03 09:14:22 +0000 (Tue, 03 Oct 2006)
New Revision: 4801
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-02 21:14:19 UTC (rev 4800)
+++ data/CVE/list 2006-10-03 09:14:22 UTC (rev 4801)
@@ -1,3 +1,91 @@
+CVE-2006-5143
+ RESERVED
+CVE-2006-5142
+ RESERVED
+CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin A. ...)
+ TODO: check
+CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image ...)
+ TODO: check
+CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers to ...)
+ TODO: check
+CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-5137 (Multiple direct static code injection vulnerabilities in Groupee ...)
+ TODO: check
+CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in ...)
+ TODO: check
+CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow ...)
+ TODO: check
+CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to ...)
+ TODO: check
+CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have ...)
+ TODO: check
+CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 ...)
+ TODO: check
+CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another ...)
+ TODO: check
+CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
+ TODO: check
+CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
+ TODO: check
+CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene ConPresso ...)
+ TODO: check
+CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ...)
+ TODO: check
+CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John Himmelman ...)
+ TODO: check
+CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used by ...)
+ TODO: check
+CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ...)
+ TODO: check
+CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht ...)
+ TODO: check
+CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury ...)
+ TODO: check
+CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in the ...)
+ TODO: check
+CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer ...)
+ TODO: check
+CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 ...)
+ TODO: check
+CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the PDD ...)
+ TODO: check
+CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web ...)
+ TODO: check
+CVE-2006-5116 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.1-rc1 ...)
+ TODO: check
+CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows ...)
+ TODO: check
+CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP ...)
+ TODO: check
+CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki Yoshizawa ...)
+ TODO: check
+CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote ...)
+ TODO: check
+CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used by ...)
+ TODO: check
+CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
+ TODO: check
+CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in Devellion ...)
+ TODO: check
+CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x ...)
+ TODO: check
+CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 ...)
+ TODO: check
+CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 ...)
+ TODO: check
+CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x ...)
+ TODO: check
+CVE-2006-5103 (PHP remote file inclusion vulnerability in index2.php in bbsNew 2.0.1 ...)
+ TODO: check
+CVE-2006-5102 (PHP remote file inclusion vulnerability in include/editfunc.inc.php in ...)
+ TODO: check
+CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in Comdev CSV ...)
+ TODO: check
+CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in ...)
+ TODO: check
CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...)
TODO: check
CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...)
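Review bot: All 42 described entries added at the top of this hunk (CVE-2006-5141 down to CVE-2006-5100) land as `TODO: check`, so nothing here separates entries that need real triage from those that will end up as `NOT-FOR-US:`. CVE-2006-5117 and CVE-2006-5116 (phpMyAdmin before 2.9.1-rc1) and CVE-2006-5111 (libksba 0.9.12 "and possibly other versions, as used by ...") look like the ones most likely to map to a tracked package and should be checked first. Each TODO should then be resolved to either a package entry or a `NOT-FOR-US:` line in the style used elsewhere in the file. CVE-2006-5143 and CVE-2006-5142 are still RESERVED and need no action yet.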
@@ -63,7 +151,7 @@
NOT-FOR-US: eyeOS
CVE-2006-5070 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: faceStones Personal
-CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in the Indexed Search 2.9.0 ...)
+CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php ...)
TODO: check
CVE-2006-5068 (PHP remote file inclusion vulnerability in admin/index.php in ...)
NOT-FOR-US: BrudaNews
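Review bot: On the changed CVE-2006-5069 line, the new truncated description ("class.tx_indexedsearch.php ...") no longer shows the product name and version that the old text carried ("the Indexed Search 2.9.0 ..."), while the status stays at `TODO: check`. Whoever triages this now has to open the full CVE text to learn what software it concerns. When the TODO is resolved, add a `NOTE:` naming the Indexed Search component so the entry stays readable from the list alone.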
@@ -1533,32 +1621,32 @@
RESERVED
CVE-2006-4400
RESERVED
-CVE-2006-4399
- RESERVED
+CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac OS X ...)
+ TODO: check
CVE-2006-4398
RESERVED
-CVE-2006-4397
- RESERVED
+CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 ...)
+ TODO: check
CVE-2006-4396
RESERVED
-CVE-2006-4395
- RESERVED
-CVE-2006-4394
- RESERVED
-CVE-2006-4393
- RESERVED
-CVE-2006-4392
- RESERVED
-CVE-2006-4391
- RESERVED
-CVE-2006-4390
- RESERVED
+CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X ...)
+ TODO: check
+CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, ...)
+ TODO: check
+CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 ...)
+ TODO: check
+CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac OS X ...)
+ TODO: check
+CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 ...)
+ TODO: check
+CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows ...)
+ TODO: check
CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
-CVE-2006-4387
- RESERVED
+CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the ...)
+ TODO: check
CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
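Review bot: The entries that move from RESERVED to `TODO: check` in this hunk are all Apple descriptions, and the neighbouring QuickTime entries are marked `NOT-FOR-US: Apple QuickTime`, which makes a blanket NOT-FOR-US tempting. CVE-2006-4392 should not be closed that way without reading the full text: its description starts "The Mach kernel, as used in operating systems including (1) Mac OS X ...", and the numbered list implies further affected systems that the truncation hides. The remaining entries (LoginWindow, Workgroup Manager, QuickDraw Manager, ImageIO, CFNetwork, and CVE-2006-4387) are described as Apple Mac OS X components and can likely follow the QuickTime pattern once checked.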
@@ -2550,7 +2638,7 @@
NOT-FOR-US: php-nuke
CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: Mambatstaff
-CVE-2006-3946 (The KHTMLParser::popOneBlock function in Apple Safari 2.0.4 on Mac OS ...)
+CVE-2006-3946 (WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote ...)
NOT-FOR-US: Apple Safari 2.0.4
NOTE: konqueror 3.5.x is not affected
NOTE: PoC http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html
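Review bot: After the description change on CVE-2006-3946, the entry is internally inconsistent: the description now reads "WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7", but the status line still says `NOT-FOR-US: Apple Safari 2.0.4`, and the PoC URL refers to khtmlparser-poponeblock, a function name the description no longer mentions. The `NOTE: konqueror 3.5.x is not affected` line only makes sense if the reader knows the issue was originally reported against KHTMLParser::popOneBlock. Add a `NOTE:` recording the original function name and update the NOT-FOR-US text to match the new description.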