[Secure-testing-commits] r3899 - data/CVE

Stefan Fritsch Sun, 30 Apr 2006 12:48:17 -0700

Author: stef-guest
Date: 2006-04-30 19:47:36 +0000 (Sun, 30 Apr 2006)
New Revision: 3899


Modified:
   data/CVE/list
Log:
gcc issue
amaya issue
new phpbb2 issues
some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-30 19:06:01 UTC (rev 3898)
+++ data/CVE/list       2006-04-30 19:47:36 UTC (rev 3899)
@@ -261,38 +261,36 @@
        NOT-FOR-US: AnimeGenesis Gallery
 CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand 
Manila ...)
        NOT-FOR-US: UserLand Manila
-begin claimed by stef-guest
 CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 
4.1 ...)
-       TODO: check
+       - gcc-4.1 (bug #356896; low)
 CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause 
a ...)
-       TODO: check
+       NOT-FOR-US: Mozilla Camino
 CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C) 
Amaya ...)
-       TODO: check
+       - amaya <unfixed> (bug #362575; medium)
 CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev 
Neuron Blog ...)
-       TODO: check
+       NOT-FOR-US: Neuron Blog
 CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph 
Capper ...)
-       TODO: check
+       NOT-FOR-US: Tiny PHP Forum
 CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for 
&quot;Script ...)
-       TODO: check
+       NOT-FOR-US: Webplus (aka talentsoft) Web+Shop
 CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated 
users ...)
-       TODO: check
+       - phpbb2 <unfixed> (bug filed; medium)
 CVE-2006-1895 (Direct static code injection vulnerability in 
includes/template.php in ...)
-       TODO: check
+       - phpbb2 <unfixed> (bug filed; medium)
 CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as 
derived ...)
-       TODO: check
+       NOT-FOR-US: RevoBoard / PunBB
 CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in 
ar-blog 5.2 ...)
-       TODO: check
+       NOT-FOR-US: ar-blog
 CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify 
...)
-       TODO: check
+       NOT-FOR-US: avast! 4 Linux Home Edition
 CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler 
betaboard ...)
-       TODO: check
+       NOT-FOR-US: betaboard
 CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland 
...)
-       TODO: check
+       NOT-FOR-US: myWebland
 CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action 
handler ...)
-       TODO: check
+       NOT-FOR-US: Boardsolution
 CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass 
...)
-       TODO: check
-end claimed by stef-guest
+       NOT-FOR-US: phpGraphy
 CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne 
Security ...)
        NOT-FOR-US: Oracle JD Edwards EnterpriseOne
 CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in 
Oracle ...)
@@ -1877,7 +1875,7 @@
 CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, 
and ...)
        NOT-FOR-US: HP-UX 
 CVE-2006-1247 (rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 
allows ...)
-       TODO: check
+       NOT-FOR-US: AIX
 CVE-2006-1246 (Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 
5.3 ...)
        NOT-FOR-US: AIX 
 CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer 
...)
@@ -2987,7 +2985,7 @@
 CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in 
...)
        TODO: check
 CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers 
(SSB) ...)
-       TODO: check
+       NOT-FOR-US: supersmashbrothers
 CVE-2006-0749 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 
1.0.8, ...)
        {DSA-1046-1 DSA-1044-1}
        - firefox <unfixed> (low)
@@ -3716,7 +3714,7 @@
 CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents 
of ...)
        - migrationtools 46-2.1 (bug #338920; medium)
 CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in 
AudienceView ...)
-       TODO: check
+       NOT-FOR-US: AudienceView 
 CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and 
6.16 ...)
        TODO: check
 CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 
4.6.9, ...)
@@ -3904,7 +3902,7 @@
        {DSA-989-1}
        - zoph 0.5-1 (bug #350717)
 CVE-2006-0401 (Unspecified vulnerability in Mac OS X before 10.4.6, when 
running on ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2006-0400 (CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote 
attackers ...)
        NOT-FOR-US: Apple
 CVE-2006-0399 (Unspecified vulnerability in Safari, LaunchServices, and/or 
CoreTypes ...)
@@ -7570,9 +7568,9 @@
        [sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was 
introduced later)
        NOTE: 
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
 CVE-2005-3526 (Buffer overflow in the IMAP daemon in Ipswitch Collaboration 
Suite ...)
-       TODO: check
+       NOT-FOR-US: Ipswitch Collaboration Suite
 CVE-2005-3525 (Stack-based buffer overflow in an ActiveX control for the 
installer ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in 
ManageEngine ...)
        NOT-FOR-US: ManageEngine NetflowAnalyzer
 CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617 
through ...)
@@ -8694,7 +8692,7 @@
        - ethereal 0.10.13-1 (bug #334880; medium)
        NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
 CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows 
user-complicit ...)
-       TODO: check
+       NOT-FOR-US: Microsoft Internet Explorer
 CVE-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket 
Option ...)
        NOT-FOR-US: Solaris
 CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and 
...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3899 - data/CVE

Reply via email to