Author: stef-guest
Date: 2006-10-05 19:12:16 +0000 (Thu, 05 Oct 2006)
New Revision: 4813
Modified:
data/CVE/list
Log:
many NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-05 18:44:54 UTC (rev 4812)
+++ data/CVE/list 2006-10-05 19:12:16 UTC (rev 4813)
@@ -1,17 +1,17 @@
CVE-2006-5167 (Multiple PHP remote file inclusion vulnerabilities in BasiliX
1.1.1 ...)
- TODO: check
+ NOT-FOR-US: BasiliX
CVE-2006-5166 (PHP remote file inclusion vulnerability in functions.php in PHP
Web ...)
- TODO: check
+ NOT-FOR-US: PHP Web Scripts Easy Banner Free
CVE-2006-5165 (PHP remote file inclusion vulnerability in
inc/functions.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Skrypty PPA Gallery
CVE-2006-5164 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php
in Sum ...)
- TODO: check
+ NOT-FOR-US: digiSHOP
CVE-2006-5163 (IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and
possibly ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2006-5162 (wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5161 (IBM Client Security Password Manager stores and distributes
saved ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2006-5160 (** DISPUTED ** ...)
TODO: check
CVE-2006-5159 (** DISPUTED ** ...)
@@ -19,33 +19,33 @@
CVE-2006-5158 (Unspecified vulnerability in NFS lockd in the kernel in SUSE
Linux 9.2 ...)
TODO: check
CVE-2006-5157 (Format string vulnerability in the ActiveX control
(ATXCONSOLE.OCX) in ...)
- TODO: check
+ NOT-FOR-US: TrendMicro OfficeScan
CVE-2006-5156 (Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720
and ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5155 (PHP remote file inclusion vulnerability in core/pdf.php in
VideoDB ...)
- TODO: check
+ NOT-FOR-US: VideoDB
CVE-2006-5154 (PHP remote file inclusion vulnerability in cp/sig.php in
DeluxeBB 1.09 ...)
- TODO: check
+ NOT-FOR-US: DeluxeBB
CVE-2006-5153 (The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio
Personal ...)
- TODO: check
+ NOT-FOR-US: Kerio Personal Firewall
CVE-2006-5152 (Cross-site scripting (XSS) vulnerability in Microsoft Internet
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5151 (Unspecified vulnerability in HP Ignite-UX server before
C.6.9.150 for ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2006-5150 (SQL injection vulnerability in the reports system in OpenBiblio
before ...)
- TODO: check
+ NOT-FOR-US: OpenBiblio
CVE-2006-5149 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
- TODO: check
+ NOT-FOR-US: OpenBiblio
CVE-2006-5148 (Multiple PHP remote file inclusion vulnerabilities in Forum82
2.5.2b ...)
- TODO: check
+ NOT-FOR-US: Forum82
CVE-2006-5147 (PHP remote file inclusion vulnerability in
wamp_dir/setup/yesno.phtml ...)
- TODO: check
+ NOT-FOR-US: VAMP Webmail
CVE-2006-5146 (Multiple cross-site scripting (XSS) vulnerabilities in Yblog
allow ...)
- TODO: check
+ NOT-FOR-US: Yblog
CVE-2006-5145 (Multiple SQL injection vulnerabilities in OlateDownload 3.4.0
allow ...)
- TODO: check
+ NOT-FOR-US: OlateDownload
CVE-2006-5144 (Cross-site scripting (XSS) vulnerability in userupload.php in
...)
- TODO: check
+ NOT-FOR-US: OlateDownload
CVE-2006-XXXX [unspecified libgsf security issue (IDEF1622)]
- libgsf 1.14.2-1
CVE-2006-5143
@@ -53,143 +53,143 @@
CVE-2006-5142
RESERVED
CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin
A. ...)
- TODO: check
+ NOT-FOR-US: Open Geo Targeting (aka geotarget)
CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP
Krazy Image ...)
- TODO: check
+ NOT-FOR-US: Image Host Script (phpkimagehost)
CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: MkPortal
CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain
...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5137 (Multiple direct static code injection vulnerabilities in
Groupee ...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in
ubbt.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Groupee UBB.threads
CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2
allow ...)
- TODO: check
+ NOT-FOR-US: A-Blog
CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated
users to ...)
- TODO: check
+ NOT-FOR-US: Mercury SiteScope
CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers
to have ...)
- TODO: check
+ NOT-FOR-US: GuildFTPd
CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in
phpMyAgenda 3.0 ...)
- TODO: check
+ NOT-FOR-US: phpMyAgenda
CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just
another ...)
- TODO: check
+ NOT-FOR-US: just another flat file (JAF) CMS
CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk
just ...)
- TODO: check
+ NOT-FOR-US: ust another flat file (JAF) CMS
CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk
just ...)
- TODO: check
+ NOT-FOR-US: ust another flat file (JAF) CMS
CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene
ConPresso ...)
- TODO: check
+ NOT-FOR-US: ConPresso
CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels
Schoene ...)
- TODO: check
+ NOT-FOR-US: ConPresso
CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John
Himmelman ...)
- TODO: check
+ NOT-FOR-US: PowerPortal
CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used
by ...)
- TODO: check
+ NOT-FOR-US: phpMyWebmin
CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua
Muheim ...)
- TODO: check
+ NOT-FOR-US: phpMyWebmin
CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht
...)
- TODO: check
+ NOT-FOR-US: PHProjekt
CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury
...)
- TODO: check
+ NOT-FOR-US: SiteScope
CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in
the ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott
Metoyer ...)
- TODO: check
+ NOT-FOR-US: Red Mombin
CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart
1.3.5 ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the
PDD ...)
- TODO: check
+ NOT-FOR-US: PHPSelect Web Development Division
CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the
web ...)
TODO: check
CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
TODO: check
CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87
allows ...)
- TODO: check
+ NOT-FOR-US: KGB
CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in
SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki
Yoshizawa ...)
- TODO: check
+ NOT-FOR-US: Exporia
CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows
remote ...)
- TODO: check
+ NOT-FOR-US: NaviCOPA Web Server
CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used
by ...)
TODO: check
CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP
Invoice ...)
- TODO: check
+ NOT-FOR-US: PHP Invoice
CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain
sensitive ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in
Devellion ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart
2.0.x ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before
1.4.7 ...)
- TODO: check
+ NOT-FOR-US: FacileForms for Mambo and Joomla!
CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS
1.1.1 ...)
- TODO: check
+ NOT-FOR-US: SyntaxCMS
CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin
2.x ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2006-5103 (PHP remote file inclusion vulnerability in index2.php in bbsNew
2.0.1 ...)
- TODO: check
+ NOT-FOR-US: bbsNew
CVE-2006-5102 (PHP remote file inclusion vulnerability in
include/editfunc.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Newswriter SW
CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in
Comdev CSV ...)
- TODO: check
+ NOT-FOR-US: Comdev CSV Importer
CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in
...)
- TODO: check
+ NOT-FOR-US: WEB//NEWS (aka webnews)
CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...)
TODO: check
CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote
...)
TODO: check
CVE-2006-5097 (PHP remote file inclusion vulnerability in index.php in net2ftp
allows ...)
- TODO: check
+ NOT-FOR-US: net2ftp
CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in
index.php in ...)
- TODO: check
+ NOT-FOR-US: VirtueMart
CVE-2006-5095 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: MyPhotos
CVE-2006-5094 (PHP remote file inclusion vulnerability in
includes/functions_kb.php ...)
TODO: check
CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin
Control ...)
- TODO: check
+ NOT-FOR-US: TagIt! Tagboard
CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php
in ...)
- TODO: check
+ NOT-FOR-US: A-Blog
CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS
Server ...)
- TODO: check
+ NOT-FOR-US: HP-UX Samba
CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix
...)
- TODO: check
+ NOT-FOR-US: Phoenix Evolution CMS (PECMS)
CVE-2006-5089 (PHP remote file inclusion vulnerability in mybic_server.php in
My-BIC ...)
- TODO: check
+ NOT-FOR-US: My-BIC
CVE-2006-5088 (PHP remote file inclusion vulnerability in
connected_users.lib.php3 in ...)
- TODO: check
+ NOT-FOR-US: phpMyChat
CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3
and ...)
- TODO: check
+ NOT-FOR-US: evoBB
CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the
username ...)
- TODO: check
+ NOT-FOR-US: Blog Pixel Motion
CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel
Motion ...)
- TODO: check
+ NOT-FOR-US: Blog Pixel Motion
CVE-2006-5084 (Format string vulnerability in eBay Skype 1.5.0.79 has
unspecified ...)
- TODO: check
+ NOT-FOR-US: Skype
CVE-2006-5083 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Integrated MODs (IM) Portal
CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM)
before ...)
- TODO: check
+ NOT-FOR-US: Sugar Suite Open Source (SugarCRM)
CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in
QuickBlogger ...)
- TODO: check
+ NOT-FOR-US: QuickBlogger
CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function
in Six ...)
- TODO: check
+ NOT-FOR-US: Movable Type
CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in
Matt ...)
- TODO: check
+ NOT-FOR-US: paBugs
CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in
...)
- TODO: check
+ NOT-FOR-US: Polaring
CVE-2006-5077 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Minerva
CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in
OpenConcept ...)
- TODO: check
+ NOT-FOR-US: OpenConcept Back-End
CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun
Solaris ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP
Invoice ...)
- TODO: check
+ NOT-FOR-US: PHP Invoice
CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-XXXX [graphicsmagic buffer overflows]
- graphicsmagick 1.1.7-9
TODO: check for security relevance and CVE-ids. Maybe imagemagick is
affected, too
@@ -1412,7 +1412,7 @@
CVE-2006-4512
RESERVED
CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6
allows ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2006-4510
RESERVED
CVE-2006-4509
@@ -1671,31 +1671,31 @@
CVE-2006-4400
RESERVED
CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac
OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4398
RESERVED
CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4
...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4396
RESERVED
CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS
X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through
10.4.7, ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4
...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac
OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through
10.4.7 ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9
allows ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote
attackers to ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows
user-assisted ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator
clears the ...)
- TODO: check
+ NOT-FOR-US: Mac OS
CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows
user-assisted ...)
NOT-FOR-US: Apple QuickTime
CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows
user-assisted ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
