Author: joeyh Date: 2006-07-20 09:14:36 +0000 (Thu, 20 Jul 2006) New Revision: 4426 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-07-20 03:12:17 UTC (rev 4425) +++ data/CVE/list 2006-07-20 09:14:36 UTC (rev 4426) @@ -1,3 +1,29 @@ +CVE-2006-3737 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2006-3736 (PHP remote file inclusion vulnerability in core/videodb.class.xml.php ...) + TODO: check +CVE-2006-3735 (Multiple PHP remote file inclusion vulnerabilities in Mail2Forum ...) + TODO: check +CVE-2006-3734 (Multiple unspecified vulnerabilities in the Command Line Interface ...) + TODO: check +CVE-2006-3733 (Unspecified vulnerability in a component of the JBoss web application ...) + TODO: check +CVE-2006-3732 (Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...) + TODO: check +CVE-2006-3731 (Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted ...) + TODO: check +CVE-2006-3730 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...) + TODO: check +CVE-2006-3729 (DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office ...) + TODO: check +CVE-2006-3728 (Unspecified vulnerability in the kernel in Solaris 10 with patch ...) + TODO: check +CVE-2006-3727 (Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow ...) + TODO: check +CVE-2006-3726 (Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th ...) + TODO: check +CVE-2006-3725 (Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a ...) + TODO: check CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle ...) NOT-FOR-US: Oracle CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...) @@ -272,8 +298,8 @@ - webauth 3.5.2-1 CVE-2006-3590 (Unspecified vulnerability in mso.dll, as used by Microsoft PowerPoint ...) NOT-FOR-US: Microsoft PowerPoint -CVE-2006-3589 - RESERVED +CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure ...) + TODO: check CVE-2006-3588 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...) NOT-FOR-US: Macromedia Flash Player 8 CVE-2006-3587 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...) @@ -513,6 +539,7 @@ CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not ...) NOT-FOR-US: Dell Openmanage CD CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...) + {DSA-1112} TODO: check CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...) TODO: check @@ -534,7 +561,7 @@ RESERVED CVE-2006-3459 RESERVED -CVE-2006-3486 (Off-by-one buffer overflow in the ...) +CVE-2006-3486 (** DISPUTED ** ...) - mysql-dfsg-5.0 <unfixed> (unimportant) [sarge] - mysql-dfsg-4.1 <not-affected> (Vulnerable code not present) [sarge] - mysql-dfsg <not-affected> (Vulnerable code not present) @@ -755,6 +782,7 @@ CVE-2006-XXXX [trac: reStructuredText breach of privacy and denial of service] - trac 0.9.6-1 CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does ...) + {DSA-1113} - zope2.7 <removed> (bug #377285; medium) - zope2.8 2.8.7-2 (bug #377277; medium) - zope2.9 2.9.3-3 (bug #377286; medium) @@ -1310,6 +1338,7 @@ - gnupg 1.4.3-2 (bug #375052; low) - gnupg2 1.9.20-1.1 (bug #375053; low) CVE-2006-3081 (mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x ...) + {DSA-1112} - mysql-server-5.0 5.0.19-1 (bug #373913; high) CVE-2006-3100 [termnetd buffer overflow] RESERVED