Author: joeyh Date: 2006-07-19 21:14:44 +0000 (Wed, 19 Jul 2006) New Revision: 4415 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-07-19 18:47:52 UTC (rev 4414) +++ data/CVE/list 2006-07-19 21:14:44 UTC (rev 4415) @@ -1,3 +1,131 @@ +CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle ...) + TODO: check +CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...) + TODO: check +CVE-2006-3722 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...) + TODO: check +CVE-2006-3721 (Multiple unspecified vulnerabilities in Oracle Management Service for ...) + TODO: check +CVE-2006-3720 (Unspecified vulnerability in Enterprise Config Management for Oracle ...) + TODO: check +CVE-2006-3719 (Unspecified vulnerability in CORE: Repository for Oracle Enterprise ...) + TODO: check +CVE-2006-3718 (Multiple unspecified vulnerabilities in Oracle Exchange for Oracle ...) + TODO: check +CVE-2006-3717 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) + TODO: check +CVE-2006-3716 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) + TODO: check +CVE-2006-3715 (Unspecified vulnerability in Calendar for Oracle Collaboration Suite ...) + TODO: check +CVE-2006-3714 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3713 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3712 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3711 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3710 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3709 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3708 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3707 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3706 (Unspecified vulnerability in OC4J for Oracle Application Server ...) + TODO: check +CVE-2006-3705 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...) + TODO: check +CVE-2006-3704 (Unspecified vulnerability in the Oracle ODBC Driver for Oracle ...) + TODO: check +CVE-2006-3703 (Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, ...) + TODO: check +CVE-2006-3702 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, ...) + TODO: check +CVE-2006-3701 (Unspecified vulnerability in the Dictionary component in Oracle ...) + TODO: check +CVE-2006-3700 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and ...) + TODO: check +CVE-2006-3699 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) + TODO: check +CVE-2006-3698 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...) + TODO: check +CVE-2006-3697 (Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft ...) + TODO: check +CVE-2006-3696 (filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows ...) + TODO: check +CVE-2006-3695 (Unspecified vulnerability in Trac before 0.9.6 allows remote attackers ...) + TODO: check +CVE-2006-3694 (Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote ...) + TODO: check +CVE-2006-3693 (Rocks Clusters 4.1 and earlier allows local users to gain privileges ...) + TODO: check +CVE-2006-3692 (PHP remote file inclusion vulnerability in enduser/listmessenger.php ...) + TODO: check +CVE-2006-3691 (Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier ...) + TODO: check +CVE-2006-3690 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...) + TODO: check +CVE-2006-3689 (PHP remote file inclusion vulnerability in user-func.php in Codeworks ...) + TODO: check +CVE-2006-3688 (SQL injection vulnerability in Room.php in Francisco Charrua ...) + TODO: check +CVE-2006-3687 (Stack-based buffer overflow in the Universal Plug and Play (UPnP) ...) + TODO: check +CVE-2006-3686 (Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 ...) + TODO: check +CVE-2006-3685 (PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 ...) + TODO: check +CVE-2006-3684 (PHP remote file inclusion vulnerability in calendar.php in SoftComplex ...) + TODO: check +CVE-2006-3683 (PHP remote file inclusion vulnerability in poll.php in Flipper Poll ...) + TODO: check +CVE-2006-3682 (awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote ...) + TODO: check +CVE-2006-3681 (Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in ...) + TODO: check +CVE-2006-3680 (Cross-site scripting (XSS) vulnerability in photocycle in Photocycle ...) + TODO: check +CVE-2006-3679 (FatWire Content Server 5.5.0 allows remote attackers to bypass access ...) + TODO: check +CVE-2006-3678 + RESERVED +CVE-2006-3677 + RESERVED +CVE-2006-3676 + RESERVED +CVE-2006-3675 + RESERVED +CVE-2006-3674 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...) + TODO: check +CVE-2006-3673 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...) + TODO: check +CVE-2006-3672 (KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a ...) + TODO: check +CVE-2006-3671 (Cross-site request forgery (CSRF) vulnerability in the communicate ...) + TODO: check +CVE-2006-3670 (Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to ...) + TODO: check +CVE-2006-3669 (Mercury Messenger, possibly 1.7.1.1 and other versions, when running ...) + TODO: check +CVE-2006-3668 (Heap-based buffer overflow in the it_read_envelope function in Dynamic ...) + TODO: check +CVE-2006-3667 (Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking ...) + TODO: check +CVE-2006-3666 (SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc ...) + TODO: check +CVE-2006-3665 (SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows ...) + TODO: check +CVE-2006-3664 (Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 ...) + TODO: check +CVE-2006-3663 (Finjan Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a ...) + TODO: check +CVE-2006-3662 (SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote ...) + TODO: check +CVE-2006-3661 (Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews ...) + TODO: check CVE-2006-3660 (Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown ...) TODO: check CVE-2006-3659 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...) @@ -54,18 +182,18 @@ RESERVED CVE-2006-3633 RESERVED -CVE-2006-3632 - RESERVED -CVE-2006-3631 - RESERVED -CVE-2006-3630 - RESERVED -CVE-2006-3629 - RESERVED -CVE-2006-3628 - RESERVED -CVE-2006-3627 - RESERVED +CVE-2006-3632 (Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 ...) + TODO: check +CVE-2006-3631 (Unspecified vulnerability in the SSH dissector in Wireshark (aka ...) + TODO: check +CVE-2006-3630 (Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to ...) + TODO: check +CVE-2006-3629 (Unspecified vulnerability in the MOUNT dissector in Wireshark ...) + TODO: check +CVE-2006-3628 (Multiple format string vulnerabilities in Wireshark (aka Ethereal) ...) + TODO: check +CVE-2006-3627 (Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark ...) + TODO: check CVE-2006-3625 (FLV Players 8 allows remote attackers to obtain sensitive information ...) TODO: check CVE-2006-3624 (Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 ...) @@ -192,7 +320,7 @@ NOT-FOR-US: Juniper CVE-2006-3566 (search.results.php in HiveMail 3.1 and earlier allows remote attackers ...) NOT-FOR-US: HiveMail -CVE-2006-3565 (SQL injection vulnerability in search.results.php in HiveMail 3.1 and ...) +CVE-2006-3565 (SQL injection vulnerability in search.results.php in HiveMail 1.3 and ...) NOT-FOR-US: HiveMail CVE-2006-3564 (Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 ...) NOT-FOR-US: HiveMail @@ -384,14 +512,14 @@ TODO: check CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not ...) TODO: check -CVE-2006-3469 - RESERVED -CVE-2006-3468 - RESERVED -CVE-2006-3467 - RESERVED +CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...) + TODO: check +CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...) + TODO: check +CVE-2006-3467 (Integer overflow in FreeType before 2.2 allows remote attackers to ...) + TODO: check CVE-2006-3466 - RESERVED + REJECTED CVE-2006-3465 RESERVED CVE-2006-3464 @@ -626,7 +754,7 @@ TODO: check CVE-2006-XXXX [trac: reStructuredText breach of privacy and denial of service] - trac 0.9.6-1 -CVE-2006-3458 (Unspecified vulnerability in Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and ...) +CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does ...) - zope2.7 <unfixed> (bug #377285; medium) - zope2.8 2.8.7-2 (bug #377277; medium) - zope2.9 2.9.3-3 (bug #377286; medium) @@ -6560,10 +6688,10 @@ NOT-FOR-US: Dwarf HTTP Server CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source ...) NOT-FOR-US: Dwarf HTTP Server -CVE-2006-0818 - RESERVED -CVE-2006-0817 - RESERVED +CVE-2006-0818 (Absolute path directory traversal vulnerability in (1) MERAK Mail Server for ...) + TODO: check +CVE-2006-0817 (Absolute path directory traversal vulnerability in (a) MERAK Mail ...) + TODO: check CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, allows ...) NOT-FOR-US: Orion Application Server CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read script ...)