Author: stef-guest
Date: 2006-08-20 08:56:39 +0000 (Sun, 20 Aug 2006)
New Revision: 4603
Modified:
data/CVE/list
Log:
- rails CVEified
- new lesstif issue (low)
- some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-19 11:14:40 UTC (rev 4602)
+++ data/CVE/list 2006-08-20 08:56:39 UTC (rev 4603)
@@ -105,65 +105,65 @@
CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar)
1.5.0 ...)
NOT-FOR-US: Virtual War (VWar)
CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor
5.3.2.609 ...)
- TODO: check
+ NOT-FOR-US: IPCheck Server Monitor
CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a
denial of ...)
NOT-FOR-US: Solaris
CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help
File ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows
attackers to ...)
NOT-FOR-US: IBM WebSphere
CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere
Application ...)
NOT-FOR-US: IBM WebSphere
CVE-2006-4135 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Calendarix
CVE-2006-4134 (Unspecified vulnerability related to a "design flaw"
in SAP Internet ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-4133 (Buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and
...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-4132 (ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13
and ...)
- TODO: check
+ NOT-FOR-US: ArcSoft MMS Composer
CVE-2006-4131 (Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and
...)
- TODO: check
+ NOT-FOR-US: ArcSoft MMS Composer
CVE-2006-4130 (PHP remote file inclusion vulnerability in admin.remository.php
in the ...)
- TODO: check
+ NOT-FOR-US: Remository Component (com_remository) for Mambo and Joomla!
CVE-2006-4129 (PHP remote file inclusion vulnerability in
admin.webring.docs.php in ...)
- TODO: check
+ NOT-FOR-US: Webring Component (com_webring) for Joomla!
CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup
Exec ...)
NOT-FOR-US: Symantec VERITAS
CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0
and ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and
earlier ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4125 (Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0
and ...)
- TODO: check
+ NOT-FOR-US: DConnect Daemon (dcd)
CVE-2006-4124 (The libXm library in LessTif 0.95.0 and earlier allows local
users to ...)
- TODO: check
+ - lesstif2 <unfixed> (bug #382411; low)
CVE-2006-4123 (PHP remote file inclusion vulnerability in boitenews4/index.php
in ...)
- TODO: check
+ NOT-FOR-US: Boite de News
CVE-2006-4122 (Simple one-file guestbook 1.0 and earlier allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Simple one-file guestbook
CVE-2006-4121 (PHP remote file inclusion vulnerability in owimg.php3 in
See-Commerce ...)
- TODO: check
+ NOT-FOR-US: See-Commerce
CVE-2006-4120 (Cross-site scripting (XSS) vulnerability in the Recipe module
...)
- TODO: check
+ NOT-FOR-US: Recipe module (recipe.module) for Drupal
CVE-2006-4119 (SQL injection vulnerability in gc.php in GeheimChaos 0.5 and
earlier ...)
- TODO: check
+ NOT-FOR-US: GeheimChaos
CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and
earlier ...)
- TODO: check
+ NOT-FOR-US: GeheimChaos
CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when
run on ...)
NOT-FOR-US: Solaris
CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow
...)
- TODO: check
+ NOT-FOR-US: Lhaz
CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in
PgMarket ...)
- TODO: check
+ NOT-FOR-US: PgMarket
CVE-2006-4114 (SQL injection vulnerability in view_com.php in Nicolas
Grandjean ...)
- TODO: check
+ NOT-FOR-US: PHPMyRing
CVE-2006-4113 (PHP remote file inclusion vulnerability in genpage-cgi.php in
Brian ...)
- TODO: check
+ NOT-FOR-US: hitweb
CVE-2006-4112 (Unspecified vulnerability in the "dependency resolution
mechanism" in ...)
- TODO: check
+ - rails 1.1.6-1 (bug #382255; medium)
CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute
Ruby ...)
- TODO: check
+ - rails 1.1.5-1 (bug #382255; medium)
CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers
to read ...)
NOT-FOR-US: Apache on Windows only
CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...)
@@ -177,7 +177,7 @@
CVE-2006-4105 (Cross-site scripting (XSS) vulnerability in Fill Threads
Database ...)
TODO: check
CVE-2006-4104 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...)
- TODO: check
+ NOT-FOR-US: mojoGallery
CVE-2006-4103 (PHP remote file inclusion vulnerability in article-raw.php in
Jason ...)
TODO: check
CVE-2006-4102 (PHP remote file inclusion vulnerability in tpl.inc.php in Falko
Timme ...)
@@ -256,8 +256,6 @@
- gnutls11 <unfixed> (medium)
- gnutls12 1.2.11-3 (medium)
- gnutls13 1.4.2-1 (medium)
-CVE-2006-XXXX [unspecified vulnerability in ruby on rails]
- - rails 1.1.6-1 (bug #382255; medium)
CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect
function in ...)
NOT-FOR-US: Microsoft
CVE-2006-4070 (Format string vulnerability in Imendio Planner 0.13 allows ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
