[Secure-testing-commits] r5359 - data/CVE
Alex de Oliveira Silva
enerv-guest at alioth.debian.org
Sat Jan 27 21:33:35 CET 2007
Author: enerv-guest
Date: 2007-01-27 21:33:33 +0100 (Sat, 27 Jan 2007)
New Revision: 5359
Modified:
data/CVE/list
Log:
some NFUs.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-27 20:11:54 UTC (rev 5358)
+++ data/CVE/list 2007-01-27 20:33:33 UTC (rev 5359)
@@ -618,15 +618,15 @@
CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...)
- ed 0.2-19
CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...)
- TODO: check
+ NOT-FOR-US: NitroTech CMS
CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo ...)
NOT-FOR-US: ASP Photo Gallery
CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery ...)
NOT-FOR-US: ASP Photo Gallery
CVE-2006-6935 (SQL injection vulnerability in the login component in Portix-PHP 0.4.2 ...)
- TODO: check
+ NOT-FOR:US: Portix
CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP ...)
- TODO: check
+ NOT-FOR-US: Portix
CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web root ...)
NOT-FOR-US: Easy Chat Server
CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with Access ...)
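Review bot: the added line for CVE-2006-6935 reads `NOT-FOR:US: Portix`, with a colon where every other entry has the hyphenated `NOT-FOR-US:` tag, including the CVE-2006-6934 line directly below it. Anything that matches on the `NOT-FOR-US:` tag will miss this entry and it may keep showing up as untriaged. Change it to `NOT-FOR-US: Portix`.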
@@ -643,15 +643,15 @@
CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote ...)
NOT-FOR-US: Rialto
CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack ...)
- TODO: check
+ NOT-FOR-US: eXtremail
CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 ...)
- TODO: check
+ NOT-FOR-US: bitweaver
CVE-2006-6924 (bitweaver 1.3.1 and earlier allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: bitweaver
CVE-2006-6923 (SQL injection vulnerability in newsletters/edition.php in bitweaver ...)
- TODO: check
+ NOT-FOR-US: bitweaver
CVE-2006-6922 (SQL injection vulnerability in Deadlock User Management System ...)
- TODO: check
+ NOT-FOR-US: Deadlock
CVE-2006-6921 (Unspecified versions of the Linux kernel allows local users to cause a ...)
- linux-2.6 <unfixed> (low)
CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP ...)
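Review bot: the tag added for CVE-2006-6922 is `NOT-FOR-US: Deadlock`, but the description names the product as "Deadlock User Management System". The bare word is ambiguous when searching the list later. Suggest `NOT-FOR-US: Deadlock User Management System`, in line with the other entries in this hunk that use the product name as given in the description (eXtremail, bitweaver).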
@@ -936,12 +936,12 @@
CVE-2007-0097 (Multiple stack-based buffer overflows in the (1) LoadTree and (2) ...)
NOT-FOR-US: ConeXware PowerArchive
CVE-2007-0096 (CarbonCommunities stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: Carbon Communities
CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive ...)
- phpmyadmin <unfixed> (bug #399329; unimportant)
NOTE: Only path disclosure
CVE-2007-0094 (Sven Moderow GuestBook 0.3a stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: Sven Moderow GuestBook
CVE-2007-0093 (SQL injection vulnerability in page.php in Simple Web Content ...)
TODO: check
CVE-2007-0092 (SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 ...)
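Review bot: the tag for CVE-2007-0096 is spelled `Carbon Communities`, while the description writes the product as one word, "CarbonCommunities". Using the description's spelling, `NOT-FOR-US: CarbonCommunities`, keeps the tag findable by a search for the product name.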
@@ -1011,11 +1011,11 @@
CVE-2007-0060
RESERVED
CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 ...)
- TODO: check
+ NOT-FOR-US: Apple Quicktime
CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe ...)
TODO: check
CVE-2007-0055 (Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in ...)
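Review bot: CVE-2007-0058 and CVE-2007-0057 are tagged with the vendor only, `NOT-FOR-US: Cisco`, while the CVE-2007-0059 entry in the same hunk names the product (`Apple Quicktime`). Both descriptions give the product as Cisco Clean Access (CCA), so `NOT-FOR-US: Cisco Clean Access` would be more precise and consistent.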
@@ -1027,7 +1027,7 @@
CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows ...)
TODO: check
CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and possibly ...)
- TODO: check
+ NOT-FOR-US: Apple iPhoto
CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO ...)
TODO: check
CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka ...)