[Secure-testing-commits] r4813 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Thu Oct 5 19:12:18 UTC 2006
Author: stef-guest
Date: 2006-10-05 19:12:16 +0000 (Thu, 05 Oct 2006)
New Revision: 4813
Modified:
data/CVE/list
Log:
many NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-05 18:44:54 UTC (rev 4812)
+++ data/CVE/list 2006-10-05 19:12:16 UTC (rev 4813)
@@ -1,17 +1,17 @@
CVE-2006-5167 (Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 ...)
- TODO: check
+ NOT-FOR-US: BasiliX
CVE-2006-5166 (PHP remote file inclusion vulnerability in functions.php in PHP Web ...)
- TODO: check
+ NOT-FOR-US: PHP Web Scripts Easy Banner Free
CVE-2006-5165 (PHP remote file inclusion vulnerability in inc/functions.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Skrypty PPA Gallery
CVE-2006-5164 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum ...)
- TODO: check
+ NOT-FOR-US: digiSHOP
CVE-2006-5163 (IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2006-5162 (wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5161 (IBM Client Security Password Manager stores and distributes saved ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2006-5160 (** DISPUTED ** ...)
TODO: check
CVE-2006-5159 (** DISPUTED ** ...)
@@ -19,33 +19,33 @@
CVE-2006-5158 (Unspecified vulnerability in NFS lockd in the kernel in SUSE Linux 9.2 ...)
TODO: check
CVE-2006-5157 (Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in ...)
- TODO: check
+ NOT-FOR-US: TrendMicro OfficeScan
CVE-2006-5156 (Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5155 (PHP remote file inclusion vulnerability in core/pdf.php in VideoDB ...)
- TODO: check
+ NOT-FOR-US: VideoDB
CVE-2006-5154 (PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 ...)
- TODO: check
+ NOT-FOR-US: DeluxeBB
CVE-2006-5153 (The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal ...)
- TODO: check
+ NOT-FOR-US: Kerio Personal Firewall
CVE-2006-5152 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5151 (Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2006-5150 (SQL injection vulnerability in the reports system in OpenBiblio before ...)
- TODO: check
+ NOT-FOR-US: OpenBiblio
CVE-2006-5149 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: OpenBiblio
CVE-2006-5148 (Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b ...)
- TODO: check
+ NOT-FOR-US: Forum82
CVE-2006-5147 (PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml ...)
- TODO: check
+ NOT-FOR-US: VAMP Webmail
CVE-2006-5146 (Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow ...)
- TODO: check
+ NOT-FOR-US: Yblog
CVE-2006-5145 (Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow ...)
- TODO: check
+ NOT-FOR-US: OlateDownload
CVE-2006-5144 (Cross-site scripting (XSS) vulnerability in userupload.php in ...)
- TODO: check
+ NOT-FOR-US: OlateDownload
CVE-2006-XXXX [unspecified libgsf security issue (IDEF1622)]
- libgsf 1.14.2-1
CVE-2006-5143
@@ -53,143 +53,143 @@
CVE-2006-5142
RESERVED
CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin A. ...)
- TODO: check
+ NOT-FOR-US: Open Geo Targeting (aka geotarget)
CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image ...)
- TODO: check
+ NOT-FOR-US: Image Host Script (phpkimagehost)
CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: MkPortal
CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5137 (Multiple direct static code injection vulnerabilities in Groupee ...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow ...)
- TODO: check
+ NOT-FOR-US: A-Blog
CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Mercury SiteScope
CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have ...)
- TODO: check
+ NOT-FOR-US: GuildFTPd
CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 ...)
- TODO: check
+ NOT-FOR-US: phpMyAgenda
CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another ...)
- TODO: check
+ NOT-FOR-US: just another flat file (JAF) CMS
CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
- TODO: check
+ NOT-FOR-US: ust another flat file (JAF) CMS
CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...)
- TODO: check
+ NOT-FOR-US: ust another flat file (JAF) CMS
CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene ConPresso ...)
- TODO: check
+ NOT-FOR-US: ConPresso
CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ...)
- TODO: check
+ NOT-FOR-US: ConPresso
CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John Himmelman ...)
- TODO: check
+ NOT-FOR-US: PowerPortal
CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used by ...)
- TODO: check
+ NOT-FOR-US: phpMyWebmin
CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ...)
- TODO: check
+ NOT-FOR-US: phpMyWebmin
CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht ...)
- TODO: check
+ NOT-FOR-US: PHProjekt
CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury ...)
- TODO: check
+ NOT-FOR-US: SiteScope
CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in the ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer ...)
- TODO: check
+ NOT-FOR-US: Red Mombin
CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the PDD ...)
- TODO: check
+ NOT-FOR-US: PHPSelect Web Development Division
CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web ...)
TODO: check
CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
TODO: check
CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows ...)
- TODO: check
+ NOT-FOR-US: KGB
CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki Yoshizawa ...)
- TODO: check
+ NOT-FOR-US: Exporia
CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote ...)
- TODO: check
+ NOT-FOR-US: NaviCOPA Web Server
CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used by ...)
TODO: check
CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
- TODO: check
+ NOT-FOR-US: PHP Invoice
CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in Devellion ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 ...)
- TODO: check
+ NOT-FOR-US: FacileForms for Mambo and Joomla!
CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 ...)
- TODO: check
+ NOT-FOR-US: SyntaxCMS
CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2006-5103 (PHP remote file inclusion vulnerability in index2.php in bbsNew 2.0.1 ...)
- TODO: check
+ NOT-FOR-US: bbsNew
CVE-2006-5102 (PHP remote file inclusion vulnerability in include/editfunc.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Newswriter SW
CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in Comdev CSV ...)
- TODO: check
+ NOT-FOR-US: Comdev CSV Importer
CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in ...)
- TODO: check
+ NOT-FOR-US: WEB//NEWS (aka webnews)
CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...)
TODO: check
CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...)
TODO: check
CVE-2006-5097 (PHP remote file inclusion vulnerability in index.php in net2ftp allows ...)
- TODO: check
+ NOT-FOR-US: net2ftp
CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: VirtueMart
CVE-2006-5095 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: MyPhotos
CVE-2006-5094 (PHP remote file inclusion vulnerability in includes/functions_kb.php ...)
TODO: check
CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin Control ...)
- TODO: check
+ NOT-FOR-US: TagIt! Tagboard
CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php in ...)
- TODO: check
+ NOT-FOR-US: A-Blog
CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server ...)
- TODO: check
+ NOT-FOR-US: HP-UX Samba
CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix ...)
- TODO: check
+ NOT-FOR-US: Phoenix Evolution CMS (PECMS)
CVE-2006-5089 (PHP remote file inclusion vulnerability in mybic_server.php in My-BIC ...)
- TODO: check
+ NOT-FOR-US: My-BIC
CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...)
- TODO: check
+ NOT-FOR-US: phpMyChat
CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and ...)
- TODO: check
+ NOT-FOR-US: evoBB
CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the username ...)
- TODO: check
+ NOT-FOR-US: Blog Pixel Motion
CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel Motion ...)
- TODO: check
+ NOT-FOR-US: Blog Pixel Motion
CVE-2006-5084 (Format string vulnerability in eBay Skype 1.5.0.79 has unspecified ...)
- TODO: check
+ NOT-FOR-US: Skype
CVE-2006-5083 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Integrated MODs (IM) Portal
CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before ...)
- TODO: check
+ NOT-FOR-US: Sugar Suite Open Source (SugarCRM)
CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in QuickBlogger ...)
- TODO: check
+ NOT-FOR-US: QuickBlogger
CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function in Six ...)
- TODO: check
+ NOT-FOR-US: Movable Type
CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in Matt ...)
- TODO: check
+ NOT-FOR-US: paBugs
CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in ...)
- TODO: check
+ NOT-FOR-US: Polaring
CVE-2006-5077 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Minerva
CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in OpenConcept ...)
- TODO: check
+ NOT-FOR-US: OpenConcept Back-End
CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
- TODO: check
+ NOT-FOR-US: PHP Invoice
CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-XXXX [graphicsmagic buffer overflows]
- graphicsmagick 1.1.7-9
TODO: check for security relevance and CVE-ids. Maybe imagemagick is affected, too
@@ -1412,7 +1412,7 @@
CVE-2006-4512
RESERVED
CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2006-4510
RESERVED
CVE-2006-4509
@@ -1671,31 +1671,31 @@
CVE-2006-4400
RESERVED
CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4398
RESERVED
CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4396
RESERVED
CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
More information about the Secure-testing-commits
mailing list