Author: joeyh
Date: 2006-07-05 21:14:24 +0000 (Wed, 05 Jul 2006)
New Revision: 4337
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-07-05 20:56:55 UTC (rev 4336)
+++ data/CVE/list 2006-07-05 21:14:24 UTC (rev 4337)
@@ -1,3 +1,35 @@ +CVE-2006-3350 + RESERVED +CVE-2006-3349 (Multiple SQL injection vulnerabilities in SmS Script allow remote ...) + TODO: check +CVE-2006-3348 (Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 ...) + TODO: check +CVE-2006-3347 (SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP ...) + TODO: check +CVE-2006-3346 (SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows ...) + TODO: check +CVE-2006-3345 (Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and ...) + TODO: check +CVE-2006-3344 (Siemens Speedstream Wireless Router 2624 allows local users to bypass ...) + TODO: check +CVE-2006-3343 (PHP remote file inclusion vulnerability in recipe/cookbook.php in ...) + TODO: check +CVE-2006-3342 (Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 ...) + TODO: check +CVE-2006-3341 (SQL injection vulnerability in annonces-p-f.php in MyAds module 2.04jp ...) + TODO: check +CVE-2006-3340 (Multiple PHP remote file inclusion vulnerabilities in Pearl For Mambo ...) + TODO: check +CVE-2006-3339 (secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows ...) + TODO: check +CVE-2006-3338 (Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 ...) + TODO: check +CVE-2006-3337 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2006-3336 + RESERVED +CVE-2006-3335 (Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, ...) + TODO: check CVE-2006-3334 (Buffer overflow in the png_decompress_chunk function in pngrutil.c in ...) TODO: check CVE-2006-3333 (Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum ...) 
@@ -173,7 +205,7 @@ - hashcash 1.21 CVE-2006-3250 (Heap-based buffer overflow in Windows Live Messenger 8.0 allows ...) TODO: check -CVE-2006-3249 (SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier ...) +CVE-2006-3249 (** DISPUTED ** ...) TODO: check CVE-2006-3248 (SQL injection vulnerability in calendar.php in Codewalkers PHP Event ...) TODO: check @@ -440,7 +472,7 @@ RESERVED CVE-2006-3118 (spread uses a temporary file with a static filename based on the port ...) TODO: check -CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and ...) +CVE-2006-3117 (Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up ...) {DSA-1104} - openoffice.org 2.0.3-1 CVE-2006-3116 (Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 ...) @@ -824,8 +856,8 @@ RESERVED CVE-2006-2936 RESERVED -CVE-2006-2935 - RESERVED +CVE-2006-2935 (The dvd_read_bca function in the DVD handling code in ...) + TODO: check CVE-2006-2934 (SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux ...) TODO: check CVE-2006-2933 @@ -879,8 +911,8 @@ NOT-FOR-US: SelectaPix CVE-2006-2911 (SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 ...) NOT-FOR-US: CMS Mundo -CVE-2006-2910 - RESERVED +CVE-2006-2910 (Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other ...) + TODO: check CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension ...) NOT-FOR-US: PicoZip CVE-2006-2908 (The domecode function in inc/functions_post.php in MyBulletinBoard ...) 
@@ -2529,10 +2561,10 @@ CVE-2006-2200 (Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to ...) - libmms 0.2-5 (bug #374577; medium) - mimms 2.0.0-1 (bug #374577; medium) -CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up ...) +CVE-2006-2199 (Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka ...) {DSA-1104} - openoffice.org 2.0.3-1 -CVE-2006-2198 (OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows ...) +CVE-2006-2198 (OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before ...) {DSA-1104} - openoffice.org 2.0.3-1 CVE-2006-2197 (Integer overflow in wv2 before 0.2.3 might allow context-dependent ...) @@ -2544,8 +2576,8 @@ CVE-2006-2195 (Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before ...) {DSA-1099-1 DSA-1098-1} - horde3 3.1.1-3 -CVE-2006-2194 - RESERVED +CVE-2006-2194 (The winbind plugin in pppd for ppp 2.4.4 and earlier does not check ...) + TODO: check CVE-2006-2193 (Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff ...) {DSA-1091-1} - tiff 3.8.2-4 (bug #371064; medium) @@ -4422,10 +4454,10 @@ RESERVED CVE-2006-1471 (Format string vulnerability in the CF_syslog function launchd in Apple ...) TODO: check -CVE-2006-1470 (OpenLDAP Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to ...) +CVE-2006-1470 (OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers ...) - openldap2 <not-affected> (Vulnerable code not present) - openldap2.2 <unfixed> (medium) -CVE-2006-1469 (Stack-based buffer overflow ImageIO in Apple Mac OS X 10.4 up to ...) +CVE-2006-1469 (Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to ...) TODO: check CVE-2006-1468 (Unspecified vulnerability in Apple File Protocol (AFP) server in Apple ...) TODO: check
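
Review bot: In the "@@ -173,7 +205,7 @@" hunk, the new CVE-2006-3249 line reads "(** DISPUTED ** ...)" and no longer says which software the entry is about; the removed line named search.php in Phorum 5.1.14 and earlier. The entry is still "TODO: check", so the person triaging it has lost the one piece of information the list gave them. Suggest that the description truncation skip the "** DISPUTED **" prefix before cutting, or that the product name be kept in a note line under the entry.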
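
Review bot: In the "@@ -440,7 +472,7 @@" and "@@ -2529,10 +2561,10 @@" hunks, the advisory reference under the changed CVE-2006-3117, CVE-2006-2199 and CVE-2006-2198 lines is written "{DSA-1104}", while other entries visible in this diff carry a revision suffix ("{DSA-1099-1 DSA-1098-1}", "{DSA-1091-1}"). The lines are being touched for the StarOffice wording anyway, so this is a good moment to make the reference form consistent, or to document that both forms are accepted by whatever parses the list.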
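
Review bot: In the "@@ -2544,8 +2576,8 @@" hunk, CVE-2006-2194 moves from "RESERVED" to a description that names pppd for ppp 2.4.4 and earlier, but the entry carries only "TODO: check" and no package line of the kind its neighbours have (for example "- tiff 3.8.2-4 (bug #371064; medium)"). The same applies to CVE-2006-2935 and CVE-2006-2910 in the "@@ -824,8 +856,8 @@" and "@@ -879,8 +911,8 @@" hunks. These were invisible to triage while reserved, so they should be picked up in the next manual pass rather than left to blend in with the 30-odd new "TODO: check" entries added at the top of the file.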