Author: jmm-guest Date: 2006-01-16 11:47:13 +0000 (Mon, 16 Jan 2006) New Revision: 3301 Modified: data/CVE/list Log: two resolved bogofilter issues some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-16 10:37:16 UTC (rev 3300) +++ data/CVE/list 2006-01-16 11:47:13 UTC (rev 3301) @@ -396,7 +396,7 @@ CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable ...) TODO: check CVE-2006-0054 (The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to ...) - TODO: check + NOT-FOR-US: FreeBSD CVE-2005-4604 (Buffer overflow in MTink in the printer-filters-utils package allows ...) - mtink <not-affected> (mtink not installed SUID root) CVE-2005-4603 (Cross-site scripting (XSS) vulnerability in printthread.php in MyBB ...) @@ -420,9 +420,10 @@ CVE-2005-4593 (PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and ...) NOT-FOR-US: phpDocumentor CVE-2005-4592 (Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows ...) - TODO: check + - bogofilter 0.96.3 + [sarge] - bogofilter <not-affected> (Only some 0.96 CVS versions were affected) CVE-2005-4591 (Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, ...) - TODO: check + - bogofilter 0.96.3 CVE-2005-4590 (Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on ...) NOT-FOR-US: Spb Kiosk Engine CVE-2005-4589 (Spb Kiosk Engine 1.0.0.1 stores the administrator''s passcode in the ...) @@ -719,7 +720,7 @@ [sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present) [sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present) CVE-2006-0035 (The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.15 ...) - TODO: check + - linux-2.6 <unfixed> CVE-2006-0019 RESERVED CVE-2005-4474 (Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows ...) @@ -1926,7 +1927,7 @@ CVE-2006-0021 RESERVED CVE-2006-0020 (An unspecified Microsoft WMF parsing application allows attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-0018 REJECTED CVE-2005-3961 (WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar ...) @@ -2689,7 +2690,7 @@ CVE-2006-0011 RESERVED CVE-2006-0010 (Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-0009 RESERVED CVE-2006-0008 @@ -2705,25 +2706,25 @@ CVE-2006-0003 RESERVED CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 200 through 2003, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-0001 RESERVED CVE-2005-3714 (The network interface for Apple AirPort Express 6.x before Firmware ...) NOT-FOR-US: Apple AirPort CVE-2005-3713 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3712 RESERVED CVE-2005-3711 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3710 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3709 (Integer underflow in Apple Quicktime before 7.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3708 (Integer overflow in Apple Quicktime before 7.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3707 (Buffer overflow in Apple Quicktime before 7.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-3706 RESERVED CVE-2005-3705 (Heap-based buffer overflow in WebKit in Mac OS X and OS X Server ...)