Secure testing commits - Sep 2006 - r4744 - data/CVE

Author: stef-guest
Date: 2006-09-18 20:51:00 +0000 (Mon, 18 Sep 2006)
New Revision: 4744

Modified:
   data/CVE/list
Log:
- CVE-2006-471[12]: new firefox-sage issues (medium)
- some NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-09-18 18:14:07 UTC (rev 4743)
+++ data/CVE/list	2006-09-18 20:51:00 UTC (rev 4744)
@@ -121,11 +121,11 @@
 	- magpierss <unfixed> (unimportant)
 	NOTE: path disclosure only
 CVE-2006-4734 (Multiple SQL injection vulnerabilities in
tiki-g-admin_processes.php ...)
-	- tikiwiki (medium; bug filed)
+	- tikiwiki (medium; bug #388122)
 CVE-2006-4733 (PHP remote file inclusion vulnerability in
sipssys/code/box.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: simple, integrated publishing system (SIPS)
 CVE-2006-4732 (Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has
an ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2002-2218 (CRLF injection vulnerability in the setUserValue function in
...)
 	TODO: check
 CVE-2000-1241 (Unspecified vulnerability in Haakon Nilsen simple, integrated
...)
@@ -141,37 +141,37 @@
 CVE-2006-4727
 	RESERVED
 CVE-2006-4726 (Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX
6.1 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-4725 (Adobe ColdFusion MX 7 and 7.01 allows local users to bypass
security ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-4724 (Unspecified vulnerability in the ColdFusion Flash Remoting
Gateway in Adobe ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2006-4723 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: RaidenHTTPD
 CVE-2006-4722 (PHP remote file inclusion vulnerability in Open Bulletin Board
...)
-	TODO: check
+	NOT-FOR-US: Open Bulletin Board (OpenBB)
 CVE-2006-4721 (Directory traversal vulnerability in admin.php in CCleague Pro
Sports ...)
-	TODO: check
+	NOT-FOR-US: CCleague Pro Sports CMS
 CVE-2006-4720 (PHP remote file inclusion vulnerability in random2.php in
mcGalleryPRO ...)
-	TODO: check
+	NOT-FOR-US: mcGalleryPRO
 CVE-2006-4719 (Multiple PHP remote file inclusion vulnerabilities in
MyABraCaDaWeb ...)
-	TODO: check
+	NOT-FOR-US: MyABraCaDaWeb
 CVE-2006-4718 (Multiple cross-site scripting (XSS) vulnerabilities in
livre_or.php in ...)
-	TODO: check
+	NOT-FOR-US: KorviBlog
 CVE-2006-4717 (The login redirection mechanism in the Drupal 4.7 Pubcookie
module ...)
-	TODO: check
+	NOT-FOR-US: Pubcookie module for Drupal
 CVE-2006-4716 (PHP remote file inclusion vulnerability in demarrage.php in Fire
Soft ...)
-	TODO: check
+	NOT-FOR-US: Fire Soft Board (FSB)
 CVE-2006-4715 (SQL injection vulnerability in pdf_version.php in SpoonLabs
Vivvo ...)
-	TODO: check
+	NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
 CVE-2006-4714 (PHP remote file inclusion vulnerability in index.php in
SpoonLabs ...)
-	TODO: check
+	NOT-FOR-US: SpoonLabs Vivvo Article Management CMS
 CVE-2006-4713 (PHP remote file inclusion vulnerability in config.php in
PSYWERKS PUMA ...)
-	TODO: check
+	NOT-FOR-US: PSYWERKS PUMA
 CVE-2006-4712 (Multiple cross-site scripting (XSS) vulnerabilities in Sage
1.3.6 ...)
-	TODO: check
+	- firefox-sage <unfixed> (bug filed; medium)
 CVE-2006-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Sage
allow ...)
-	TODO: check
+	- firefox-sage <unfixed> (bug filed; medium)
 CVE-2006-4710 (Multiple cross-site scripting (XSS) vulnerabilities in NewsGator
...)
 	TODO: check
 CVE-2006-4709 (SQL injection vulnerability in topic.php in Vikingboard 0.1b
allows ...)