Secure testing commits - Apr 2006 - r3820 - data/CVE

Author: stef-guest
Date: 2006-04-17 19:30:31 +0000 (Mon, 17 Apr 2006)
New Revision: 3820

Modified:
   data/CVE/list
Log:
new xine issue; some NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-04-17 16:28:07 UTC (rev 3819)
+++ data/CVE/list	2006-04-17 19:30:31 UTC (rev 3820)
@@ -375,32 +375,31 @@
 CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab
Portal ...)
 	NOT-FOR-US: Arab Portal
 CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and
...)
-	TODO: check
+	- libxine1 <unfixed> (bug filed; medium)
 CVE-2006-1663
 	REJECTED
-	TODO: check
 CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Limbo CMS
 CVE-2006-1661 (Multiple cross-site scripting (XSS) vulnerabilities in SKForum
1.5 and ...)
-	TODO: check
+	NOT-FOR-US: SKForum
 CVE-2006-1660 (Cross-site scripting (XSS) vulnerability in image_desc.php in
Softbiz ...)
-	TODO: check
+	NOT-FOR-US: Softbiz Image Gallery
 CVE-2006-1659 (Multiple SQL injection vulnerabilities in Softbiz Image Gallery
allow ...)
-	TODO: check
+	NOT-FOR-US: Softbiz Image Gallery
 CVE-2006-1658 (Direct static code injection vulnerability in ticker.db.php in
Chucky ...)
-	TODO: check
+	NOT-FOR-US: Chucky A. Ivey N.T.
 CVE-2006-1657 (Cross-site scripting (XSS) vulnerability in index.php in Chucky
...)
-	TODO: check
+	NOT-FOR-US: Chucky A. Ivey N.T.
 CVE-2005-4772 (Yet another Setup Tool (YaST) in SUSE Linux before 20051007
preserves ...)
-	TODO: check
+	NOT-FOR-US: YaST
 CVE-2005-4771 (Trusted Mobility Agent PC Policy in Trust Digital Trusted
Mobility ...)
-	TODO: check
+	NOT-FOR-US: Trusted Mobility Agent 
 CVE-2005-4770 (SQL injection vulnerability in an unspecified Accelerated
Enterprise ...)
-	TODO: check
+	NOT-FOR-US: Accelerated E Solutions
 CVE-2005-4769 (SQL injection vulnerability in addrbook.php in Belchior Foundry
vCard ...)
-	TODO: check
+	NOT-FOR-US: Belchior Foundry vCard
 CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer
TuxBank ...)
-	TODO: check
+	NOT-FOR-US: Tux Racer TuxBank
 CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other
versions, ...)
 	- xscreensaver 4.18-1 (low)
 CVE-2006-XXXX [linphone insecure password leakage]