Author: alec-guest Date: 2006-06-22 20:59:53 +0000 (Thu, 22 Jun 2006) New Revision: 4281 Modified: data/CVE/list Log: NOT-FOR-US Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-22 20:57:33 UTC (rev 4280) +++ data/CVE/list 2006-06-22 20:59:53 UTC (rev 4281) @@ -147,7 +147,7 @@ CVE-2006-3011 RESERVED CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explore CVE-2003-1302 (The IMAP functionality in PHP before 4.3.1 allows remote attackers to ...) TODO: check CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before ...) @@ -580,23 +580,23 @@ CVE-2006-2806 (The SMTP server in Apache Java Mail Enterprise Server (aka Apache ...) NOT-FOR-US: Apache James CVE-2005-2468 (Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and ...) - TODO: check + NOT-FOR-US: MySQL Eventum CVE-2005-2467 (Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum ...) - TODO: check + NOT-FOR-US: MySQL Eventum CVE-2005-2466 (Multiple SQL injection vulnerabilities in the auth_user function in ...) - TODO: check + NOT-FOR-US: OpenBook CVE-2005-2465 (Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS ...) - TODO: check + NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS CVE-2005-2464 (login.php in PCXP/TOPPE CMS allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS CVE-2005-2463 (Kayako liveResponse 2.x allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Kayako liveResponse CVE-2005-2462 (Kayako liveResponse 2.x, when logging in a user, records the password ...) - TODO: check + NOT-FOR-US: Kayako liveResponse CVE-2005-2461 (Multiple SQL injection vulnerabilities in the calendar feature in ...) - TODO: check + NOT-FOR-US: Kayako liveResponse CVE-2005-2460 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...) - TODO: check + NOT-FOR-US: Kayako liveResponse CVE-2006-2842 (** DISPUTED ** ...) - squirrelmail <unfixed> (unimportant) NOTE: Only exploitable with register_globals enabled @@ -4242,7 +4242,7 @@ CVE-2006-1314 RESERVED CVE-2006-1313 (Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on ...) - TODO: check + NOT-FOR-US: Microsoft JScript CVE-2006-1312 RESERVED CVE-2006-1311 @@ -4532,7 +4532,7 @@ CVE-2006-1194 (Integer signedness error in the enet_protocol_handle_incoming_commands ...) NOT-FOR-US: Enet lib (Cube, Sauerbraten) CVE-2006-1193 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...) - TODO: check + NOT-FOR-US: Microsoft Exchange Server CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...) NOT-FOR-US: Microsoft CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always correctly ...) @@ -4569,7 +4569,7 @@ CVE-2006-1176 RESERVED CVE-2006-1175 (The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for ...) - TODO: check + NOT-FOR-US: WeOnlyDo! SFTP CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions ...) - shadow 1:4.0.15-10 (low) CVE-2006-1173 (Sendmail before 8.13.7 allows remote attackers to cause a denial of ...) @@ -8928,14 +8928,14 @@ CVE-2006-0026 RESERVED CVE-2006-0025 (Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 ...) - TODO: check + NOT-FOR-US: Microsoft Windows Media Player CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 ...) - flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105) [sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin) CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly ...) NOT-FOR-US: Microsoft CVE-2006-0022 (Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office ...) - TODO: check + NOT-FOR-US: Microsoft PowerPoint CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows ...) NOT-FOR-US: Microsoft CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in Internet ...) @@ -9914,7 +9914,7 @@ CVE-2005-3620 RESERVED CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface ...) - TODO: check + NOT-FOR-US: VMware ESX CVE-2005-3618 RESERVED CVE-2005-3617 @@ -16086,7 +16086,7 @@ CVE-2005-1977 RESERVED CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...) - TODO: check + NOT-FOR-US: Novell NetMail CVE-2002-1782 (The default configuration of University of Washington IMAP daemon ...) - uw-imap <unfixed> (bug #315499; low) CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)