Author: stef-guest Date: 2006-05-09 19:46:45 +0000 (Tue, 09 May 2006) New Revision: 3930 Modified: data/CVE/list Log: tiff bugnum; some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-05-09 19:32:30 UTC (rev 3929) +++ data/CVE/list 2006-05-09 19:46:45 UTC (rev 3930) @@ -285,7 +285,7 @@ CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...) TODO: check CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...) - cgiirc <unfixed> (bug #365680; medium) [sarge] - cgiirc <unfixed> (bug #365680; medium) @@ -317,7 +317,7 @@ CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...) TODO: check CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...) - - tiff 3.8.1 (bug filed; medium) + - tiff 3.8.1 (bug #366588; medium) CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...) TODO: check CVE-2006-2118 (JMK''s Picture Gallery allows remote attackers to bypass authentication ...) @@ -335,7 +335,7 @@ CVE-2006-2112 RESERVED CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly other ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...) TODO: check CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...) @@ -369,13 +369,13 @@ CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...) TODO: check CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...) TODO: check CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...) TODO: check CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...) - TODO: check + NOT-FOR-US: Virtual War CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...) TODO: check CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...) @@ -383,11 +383,11 @@ CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...) TODO: check CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...) - TODO: check + NOT-FOR-US: Hitachi Groupmax CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...) - TODO: check + NOT-FOR-US: juniper SSL-VPN CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...) - TODO: check + NOT-FOR-US: SpeedProject Squeez CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...) TODO: check CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...) @@ -397,7 +397,7 @@ CVE-2006-2082 RESERVED CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...) TODO: check CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...) @@ -411,7 +411,7 @@ CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...) TODO: check CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...) - TODO: check + NOT-FOR-US: Juniper Networks JUNOSe CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...) TODO: check CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...) @@ -421,7 +421,7 @@ CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...) TODO: check CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...) - TODO: check + NOT-FOR-US: Opera CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...) TODO: check CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...) @@ -429,7 +429,7 @@ CVE-2006-2069 (The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...) TODO: check CVE-2006-2068 (Unspecified vulnerability in Hitachi JP1 products allow remote ...) - TODO: check + NOT-FOR-US: Hitachi JP1 CVE-2006-2067 (SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, ...) TODO: check CVE-2006-2066 (Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in ...) @@ -455,9 +455,9 @@ CVE-2006-2056 (Argument injection vulnerability in Internet Explorer 6 for Windows XP ...) TODO: check CVE-2006-2055 (Argument injection vulnerability in Micrsoft Outlook 2003 SP1 allows ...) - TODO: check + NOT-FOR-US: Micrsoft Outlook CVE-2006-2054 (3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before ...) - TODO: check + NOT-FOR-US: 3Com CVE-2006-2053 (Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier ...) TODO: check CVE-2006-2052 (Cross-site scripting (XSS) vulnerability in Verosky Media Instant ...) @@ -505,7 +505,7 @@ CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...) TODO: check CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Allied Telesyn CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog ...) TODO: check CVE-2006-2028 (Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy ...)