Author: joeyh
Date: 2006-04-20 21:14:24 +0000 (Thu, 20 Apr 2006)
New Revision: 3838
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-20 21:10:32 UTC (rev 3837)
+++ data/CVE/list 2006-04-20 21:14:24 UTC (rev 3838)
@@ -1,3 +1,165 @@
+CVE-2006-1906 (Cross-site scripting (XSS) vulnerability in index.php in
phpLister ...)
+ TODO: check
+CVE-2006-1905 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in
xine ...)
+ TODO: check
+CVE-2006-1904 (Cross-site scripting (XSS) vulnerability in index.php in
AnimeGenesis ...)
+ TODO: check
+CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand
Manila ...)
+ TODO: check
+CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc)
4.1 ...)
+ TODO: check
+CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause
a ...)
+ TODO: check
+CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C)
Amaya ...)
+ TODO: check
+CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev
Neuron Blog ...)
+ TODO: check
+CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph
Capper ...)
+ TODO: check
+CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for
"Script ...)
+ TODO: check
+CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated
users ...)
+ TODO: check
+CVE-2006-1895 (Direct static code injection vulnerability in
includes/template.php in ...)
+ TODO: check
+CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as
derived ...)
+ TODO: check
+CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in
ar-blog 5.2 ...)
+ TODO: check
+CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify
...)
+ TODO: check
+CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler
betaboard ...)
+ TODO: check
+CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland
...)
+ TODO: check
+CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action
handler ...)
+ TODO: check
+CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass
...)
+ TODO: check
+CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Security ...)
+ TODO: check
+CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in
Oracle ...)
+ TODO: check
+CVE-2006-1885 (Multiple unspecified vulnerabilities in the Reporting Framework
...)
+ TODO: check
+CVE-2006-1884 (Unspecified vulnerability in the Oracle Thesaurus Management
System ...)
+ TODO: check
+CVE-2006-1883 (Unspecified vulnerability in the Oracle Application Object
Library ...)
+ TODO: check
+CVE-2006-1882 (Multiple unspecified vulnerabilities in Oracle E-Business Suite
and ...)
+ TODO: check
+CVE-2006-1881 (Unspecified vulnerability in the Financials for Asia/Pacific
component ...)
+ TODO: check
+CVE-2006-1880 (Multiple unspecified vulnerabilities in Oracle E-Business Suite
and ...)
+ TODO: check
+CVE-2006-1879 (Multiple unspecified vulnerabilities in the Email Server
component in ...)
+ TODO: check
+CVE-2006-1878 (Cross-site scripting (XSS) vulnerability in index.php in
phpFaber ...)
+ TODO: check
+CVE-2006-1877 (Unspecified vulnerability in Oracle Database Server 8.1.7.4,
9.0.1.5, ...)
+ TODO: check
+CVE-2006-1876 (Unspecified vulnerability in Oracle Database Server 9.2.0.7 and
...)
+ TODO: check
+CVE-2006-1875 (Unspecified vulnerability in Oracle Database Server 9.0.1.5,
9.2.0.7, ...)
+ TODO: check
+CVE-2006-1874 (Unspecified vulnerability in Oracle Database Server 8.1.7.4,
9.0.1.5, ...)
+ TODO: check
+CVE-2006-1873 (Unspecified vulnerability in Oracle Database Server 9.2.0.7,
10.1.0.4, ...)
+ TODO: check
+CVE-2006-1872 (Unspecified vulnerability in Oracle Database Server 9.0.1.5 and
...)
+ TODO: check
+CVE-2006-1871 (SQL injection vulnerability in Oracle Database Server 9.2.0.7
and ...)
+ TODO: check
+CVE-2006-1870 (Unspecified vulnerability in Oracle Database Server 8.1.7.4,
9.0.1.5, ...)
+ TODO: check
+CVE-2006-1869 (Unspecified vulnerability in Oracle Database Server 8.1.7.4 and
...)
+ TODO: check
+CVE-2006-1868 (Unspecified vulnerability in Oracle Database Server 10.1.0.4
has ...)
+ TODO: check
+CVE-2006-1867 (Unspecified vulnerability in Oracle Database Server 9.2.0.6 has
...)
+ TODO: check
+CVE-2006-1866 (Multiple unspecified vulnerabilities in Oracle Database Server
...)
+ TODO: check
+CVE-2006-1865
+ RESERVED
+CVE-2006-1864
+ RESERVED
+CVE-2006-1863
+ RESERVED
+CVE-2006-1862
+ RESERVED
+CVE-2006-1861
+ RESERVED
+CVE-2006-1860
+ RESERVED
+CVE-2006-1859
+ RESERVED
+CVE-2006-1858
+ RESERVED
+CVE-2006-1857
+ RESERVED
+CVE-2006-1856
+ RESERVED
+CVE-2006-1855
+ RESERVED
+CVE-2006-1854 (Multiple cross-site scripting (XSS) vulnerabilities in BluePay
Manager ...)
+ TODO: check
+CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and
earlier ...)
+ TODO: check
+CVE-2006-1852 (SQL injection vulnerability in category.php in Article
Publisher Pro ...)
+ TODO: check
+CVE-2006-1851 (xFlow 5.46.11 and earlier allows remote attackers to determine
the ...)
+ TODO: check
+CVE-2006-1850 (Multiple cross-site scripting (XSS) vulnerabilities in xFlow
5.46.11 ...)
+ TODO: check
+CVE-2006-1849 (Multiple SQL injection vulnerabilities in
members_only/index.cgi in ...)
+ TODO: check
+CVE-2006-1848 (Multiple cross-site scripting (XSS) vulnerabilities in
stats_view.php ...)
+ TODO: check
+CVE-2006-1847 (SQL injection vulnerability in the Your_Account module in
PHP-Nuke 7.8 ...)
+ TODO: check
+CVE-2006-1846 (Cross-site scripting (XSS) vulnerability in the Your_Account
module in ...)
+ TODO: check
+CVE-2006-1845 (Buffer overflow in the POP3 server in Kinesphere Corporation
EXchange ...)
+ TODO: check
+CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2)
base-config ...)
+ TODO: check
+CVE-2006-1843 (Cross-site scripting (XSS) vulnerability in global.php in
ShoutBOOK ...)
+ TODO: check
+CVE-2006-1842 (Cross-site scripting (XSS) vulnerability in global.php in
ShoutBOOK ...)
+ TODO: check
+CVE-2006-1841 (Cross-site scripting (XSS) vulnerability in search.php in
boastMachine ...)
+ TODO: check
+CVE-2006-1840 (Multiple unspecified vulnerabilities in Empire Server before
4.3.1 ...)
+ TODO: check
+CVE-2006-1839 (PHP remote file inclusion vulnerability in language.php in PHP
Album ...)
+ TODO: check
+CVE-2006-1838 (edit_kategorie.php in Fuju News 1.0 allows remote attackers to
bypass ...)
+ TODO: check
+CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0
allows ...)
+ TODO: check
+CVE-2006-1836 (Untrusted search path vulnerability in unspecified components
in ...)
+ TODO: check
+CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in
Calendarix ...)
+ TODO: check
+CVE-2006-1834 (Integer signedness error in Opera before 8.54 allows remote
attackers ...)
+ TODO: check
+CVE-2006-1833 (Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly
detect the ...)
+ TODO: check
+CVE-2006-1832 (sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain
the ...)
+ TODO: check
+CVE-2006-1831 (Direct static code injection vulnerability in sysinfo.cgi in
sysinfo ...)
+ TODO: check
+CVE-2006-1830 (Sun Java Studio Enterprise 8, when installed as root, creates
certain ...)
+ TODO: check
+CVE-2006-1829 (EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote
...)
+ TODO: check
+CVE-2006-1828 (SQL injection vulnerability in php121language.php in PHP121 1.4
allows ...)
+ TODO: check
+CVE-2006-1827 (Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and
...)
+ TODO: check
+CVE-2005-4786 (Buffer overflow in the archive decompression library
(vrAZMain.dll ...)
+ TODO: check
CVE-2006-1826 (Multiple cross-site scripting (XSS) vulnerabilities in Snipe
Gallery ...)
NOT-FOR-US: Snipe Gallery
CVE-2006-1825 (Cross-site scripting (XSS) vulnerability in index.php in
phpLinks ...)
@@ -154,8 +316,7 @@
NOT-FOR-US: MD News 1
CVE-2006-1754 (SQL injection vulnerability in index.php in SWSoft Confixx
3.0.6, ...)
NOT-FOR-US: SWSoft Confixx
-CVE-2006-1753 [fcheck local arbitrary file truncate/create vuln]
- RESERVED
+CVE-2006-1753 (A cron job in fcheck before 2.7.59 allows local users to
overwrite ...)
{DSA-1035-1}
- fcheck 2.7.59-8
CVE-2006-1752 (Multiple cross-site scripting (XSS) vulnerabilities in the
backend in ...)
@@ -818,11 +979,9 @@
RESERVED
CVE-2006-1526
RESERVED
-CVE-2006-1525 [ip_route_input panic]
- RESERVED
+CVE-2006-1525 (ip_route_input in Linux kernel before 2.6.16.8 allows local
users to ...)
- linux-2.6 2.6.16-9
-CVE-2006-1524 [kernel: tmpfs local data destruction]
- RESERVED
+CVE-2006-1524 (madvise_remove in Linux kernel 2.4.x and 2.6.x before 2.6.16.6
does ...)
- linux-2.6 2.6.16-8
CVE-2006-1523 (The __group_complete_signal function in the RCU signal handling
...)
- linux-2.6 2.6.16-7
@@ -1426,8 +1585,8 @@
NOT-FOR-US: Apple Quicktime
CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11,
and ...)
NOT-FOR-US: HP-UX
-CVE-2006-1247
- RESERVED
+CVE-2006-1247 (Unspecified vulnerability in rm_mlcache_file command in ...)
+ TODO: check
CVE-2006-1246 (Unspecified vulnerability in BOS.RTE.LVM in IBM AIX 5.3 has
unknown ...)
NOT-FOR-US: AIX
CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer
...)
@@ -1874,8 +2033,7 @@
- busybox <unfixed> (low; bug #360578)
CVE-2006-1057
RESERVED
-CVE-2006-1056 [x87 information leak between processes]
- RESERVED
+CVE-2006-1056 (The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when
running ...)
- linux-2.6 2.6.16-9
CVE-2006-1055 (The fill_write_buffer function in sysfs/file.c in Linux kernel
2.6.12 ...)
- linux-2.6 2.6.16-6
@@ -3350,7 +3508,7 @@
NOTE: Intended behaviour according to maintainer
CVE-2006-0436 (Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and
B.11.11 ...)
NOT-FOR-US: HP-UX
-CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL) allows
attackers to ...)
+CVE-2006-0435 (Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in
...)
NOT-FOR-US: Oracle
CVE-2006-0434 (Directory traversal vulnerability in action.php in phpXplorer
allows ...)
NOT-FOR-US: phpXplorer
@@ -4189,7 +4347,7 @@
NOT-FOR-US: PostgreSQL on Windows
CVE-2006-0104 (Directory traversal vulnerability in TinyPHPForum 3.6 and
earlier ...)
NOT-FOR-US: TinyPHPForum
-CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1) users/anyuser.hash
and (2) ...)
+CVE-2006-0103 (TinyPHPForum 3.6 and earlier stores the (1)
users/[USERNAME].hash and ...)
NOT-FOR-US: TinyPHPForum
CVE-2006-0102 (Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF)
3.6 and ...)
NOT-FOR-US: TinyPHPForum
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
