[Secure-testing-commits] r3954 - data/CVE

Joey Hess Mon, 15 May 2006 02:16:47 -0700

Author: joeyh
Date: 2006-05-15 09:14:23 +0000 (Mon, 15 May 2006)
New Revision: 3954


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-05-14 17:37:28 UTC (rev 3953)
+++ data/CVE/list       2006-05-15 09:14:23 UTC (rev 3954)
@@ -1,3 +1,37 @@
+CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various 
scripts ...)
+       TODO: check
+CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 
2006 ...)
+       TODO: check
+CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp 
Professional 2006 ...)
+       TODO: check
+CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp 
Professional ...)
+       TODO: check
+CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and 
Ipswitch ...)
+       TODO: check
+CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 
2006 ...)
+       TODO: check
+CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch 
...)
+       TODO: check
+CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch 
...)
+       TODO: check
+CVE-2006-2350 (SQL injection vulnerability in the inc/elementz.php script in 
AliPAGER ...)
+       TODO: check
+CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote 
attackers to ...)
+       TODO: check
+CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in 
...)
+       TODO: check
+CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote 
attackers to ...)
+       TODO: check
+CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, 
allows ...)
+       TODO: check
+CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in 
...)
+       TODO: check
+CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 
1.5, with ...)
+       TODO: check
+CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in 
ManageEngine ...)
+       TODO: check
+CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows 
remote ...)
+       TODO: check
 CVE-2006-XXXX [dovecot information disclosure: list .. directory]
        - dovecot 1.0.beta8-1 (low)
        [sarge] - dovecot <not-affected> (vulnerability introduced in 1.0)
@@ -209,8 +243,8 @@
        NOT-FOR-US: Fujitsu NetShelter/FW
 CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 
allows ...)
        NOT-FOR-US: Newsadmin
-CVE-2006-2238
-       RESERVED
+CVE-2006-2238 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote 
...)
+       TODO: check
 CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics 
updates are ...)
        - awstats 6.5-2 (bug #365909; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, 
(2) ...)
@@ -333,7 +367,7 @@
        NOT-FOR-US: zenphoto
 CVE-2006-2185
        RESERVED
-CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB 
...)
+CVE-2006-2184 (** DISPUTED ** ...)
        NOT-FOR-US: PHPKB Knowledge Base
 CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when 
running ...)
        NOT-FOR-US: Truecrypt
@@ -773,7 +807,7 @@
 CVE-2006-1986 (Apple Safari 2.0.3 allows remote attackers to cause a denial of 
...)
        NOT-FOR-US: Apple Safari
        NOTE: PoC exploit does not work with konqueror 4:3.5.2-2
-CVE-2006-1985 (Heap-based buffer overflow in BOMArchiveHelper 10.4 (6.3) Build 
312, ...)
+CVE-2006-1985 (Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) 
Build ...)
        NOT-FOR-US: BOMArchiveHelper
 CVE-2006-1984 (Unspecified vulnerability in the _cg_TIFFSetField function in 
Mac OS X ...)
        NOT-FOR-US: Mac OS X
@@ -1089,7 +1123,7 @@
        RESERVED
 CVE-2006-1855
        RESERVED
-CVE-2006-1854 (Multiple cross-site scripting (XSS) vulnerabilities in BluePay 
Manager ...)
+CVE-2006-1854 (** DISPUTED ** ...)
        NOT-FOR-US: BluePay Manager
 CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and 
earlier ...)
        NOT-FOR-US: ModernBill
@@ -1885,7 +1919,7 @@
        NOT-FOR-US: VSNS Lemon 
 CVE-2006-1553 (SQL injection vulnerability in functions/final_functions.php in 
VSNS ...)
        NOT-FOR-US: VSNS Lemon 
-CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote 
attackers to ...)
+CVE-2006-1552 (Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 
allows ...)
        NOT-FOR-US: Apple 
 CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in 
PAJAX ...)
        NOT-FOR-US: PAJAX
@@ -2013,7 +2047,7 @@
 CVE-2006-1520
        RESERVED
 CVE-2006-1519
-       RESERVED
+       REJECTED
 CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in 
MySQL ...)
        - mysql-dfsg-5.0 5.0.21-1 (bug #365939; medium)
        - mysql-dfsg-4.1 <unfixed> (bug #365939; medium)
@@ -2160,60 +2194,60 @@
        RESERVED
 CVE-2006-1466
        RESERVED
-CVE-2006-1465
-       RESERVED
-CVE-2006-1464
-       RESERVED
-CVE-2006-1463
-       RESERVED
-CVE-2006-1462
-       RESERVED
-CVE-2006-1461
-       RESERVED
-CVE-2006-1460
-       RESERVED
-CVE-2006-1459
-       RESERVED
-CVE-2006-1458
-       RESERVED
-CVE-2006-1457
-       RESERVED
-CVE-2006-1456
-       RESERVED
-CVE-2006-1455
-       RESERVED
-CVE-2006-1454
-       RESERVED
-CVE-2006-1453
-       RESERVED
-CVE-2006-1452
-       RESERVED
-CVE-2006-1451
-       RESERVED
-CVE-2006-1450
-       RESERVED
-CVE-2006-1449
-       RESERVED
-CVE-2006-1448
-       RESERVED
-CVE-2006-1447
-       RESERVED
-CVE-2006-1446
-       RESERVED
-CVE-2006-1445
-       RESERVED
-CVE-2006-1444
-       RESERVED
-CVE-2006-1443
-       RESERVED
-CVE-2006-1442
-       RESERVED
-CVE-2006-1441
-       RESERVED
-CVE-2006-1440
-       RESERVED
-CVE-2006-1439
-       RESERVED
+CVE-2006-1465 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers 
to ...)
+       TODO: check
+CVE-2006-1464 (Buffer overflow in Apple QuickTime 7.1 allows remote attackers 
to ...)
+       TODO: check
+CVE-2006-1463 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote 
...)
+       TODO: check
+CVE-2006-1462 (Multiple integer overflows in Apple QuickTime 7.1 allow remote 
...)
+       TODO: check
+CVE-2006-1461 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote 
...)
+       TODO: check
+CVE-2006-1460 (Multiple buffer overflows in Apple QuickTime 7.1 allow remote 
...)
+       TODO: check
+CVE-2006-1459 (Multiple integer overflows in Apple QuickTime 7.1 allow remote 
...)
+       TODO: check
+CVE-2006-1458 (Integer overflow in Apple QuickTime Player 7.1 allows remote 
attackers ...)
+       TODO: check
+CVE-2006-1457 (Safari on Apple Mac OS X 10.4.6, when &quot;Open `safe' files 
after ...)
+       TODO: check
+CVE-2006-1456 (Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 
10.3.9 ...)
+       TODO: check
+CVE-2006-1455 (QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 
allows ...)
+       TODO: check
+CVE-2006-1454 (Heap-based buffer overflow in Apple QuickTime 7.1 allows remote 
...)
+       TODO: check
+CVE-2006-1453 (Stack-based buffer overflow in Apple QuickTime 7.1 allows 
remote ...)
+       TODO: check
+CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up 
to ...)
+       TODO: check
+CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting 
up a ...)
+       TODO: check
+CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote 
attackers to ...)
+       TODO: check
+CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 
allows ...)
+       TODO: check
+CVE-2006-1448 (Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows 
user-complicit ...)
+       TODO: check
+CVE-2006-1447 (LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers 
to ...)
+       TODO: check
+CVE-2006-1446 (Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an ...)
+       TODO: check
+CVE-2006-1445 (Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 
10.3.9 ...)
+       TODO: check
+CVE-2006-1444 (CoreGraphics in Apple Mac OS X 10.4.6, when &quot;Enable access 
for ...)
+       TODO: check
+CVE-2006-1443 (Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 
and ...)
+       TODO: check
+CVE-2006-1442 (The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 
10.4.6 ...)
+       TODO: check
+CVE-2006-1441 (Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows 
remote ...)
+       TODO: check
+CVE-2006-1440 (BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to 
overwrite ...)
+       TODO: check
+CVE-2006-1439 (NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not 
...)
+       TODO: check
 CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's 
PHP ...)
        NOT-FOR-US: aphpkb
 CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under 
the web ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3954 - data/CVE

Reply via email to