Author: jmm-guest
Date: 2005-11-18 10:23:51 +0000 (Fri, 18 Nov 2005)
New Revision: 2783
Modified:
data/CVE/list
Log:
scorched3d CVEfied
lots of n-f-us
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-11-18 10:12:30 UTC (rev 2782)
+++ data/CVE/list 2005-11-18 10:23:51 UTC (rev 2783)
@@ -337,84 +337,82 @@
RESERVED
CVE-2005-3525
RESERVED
-begin claimed by jmm
CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in
ManageEngine ...)
- TODO: check
+ NOT-FOR-US: ManageEngine NetflowAnalyzer
CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617
through ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2005-3520 (Multiple cross-site scripting (XSS) vulnerabilities in MySource
2.14.0 ...)
- TODO: check
+ NOT-FOR-US: MySource
CVE-2005-3519 (Multiple PHP file inclusion vulnerabilities in MySource 2.14.0
allow ...)
- TODO: check
+ NOT-FOR-US: MySource
CVE-2005-3518 (SQL injection vulnerability in search.php in PunBB 1.2.7 and
1.2.8 ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2005-3517 (Chipmunk Scripts Guestbook allows remote attackers to obtain the
...)
- TODO: check
+ NOT-FOR-US: Chipmunk Scripts Guestbook
CVE-2005-3516 (Cross-site scripting (XSS) vulnerability in recommend.php in
Chipmunk ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Directory
CVE-2005-3515 (Cross-site scripting (XSS) vulnerability in recommend.php in
Chipmunk ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Topsites
CVE-2005-3514 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk
Forum ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Forum
CVE-2005-3513 (index.php in VUBB alpha rc1 allows remote attackers to obtain
the ...)
- TODO: check
+ NOT-FOR-US: VUBB
CVE-2005-3512 (Cross-site scripting (XSS) vulnerability in index.php in VUBB
alpha ...)
- TODO: check
+ NOT-FOR-US: VUBB
CVE-2005-3511 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac
Web OS ...)
- TODO: check
+ NOT-FOR-US: Spymac Web OS
CVE-2005-3510 (Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a
...)
- TODO: check
+ - tomcat5 <not-affected> (Debian''s 5.0 version is not
vulnerable)
CVE-2005-3509 (Multiple SQL injection vulnerabilities in JPortal allow remote
...)
- TODO: check
+ NOT-FOR-US: JPortal
CVE-2005-3508 (SQL injection vulnerability in showGallery.php in Gallery
(Galerie) ...)
TODO: check
CVE-2005-3507 (Directory traversal vulnerability in CuteNews 1.4.1 allows
remote ...)
- TODO: check
+ NOT-FOR-US: CuteNews
CVE-2005-3506 (Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar
Server ...)
- TODO: check
+ NOT-FOR-US: Sambar
CVE-2005-3505 (Cross-site scripting (XSS) vulnerability in the Entropy Chat
script in ...)
- TODO: check
+ NOT-FOR-US: Entropy Chat Script
CVE-2005-3504 (Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is
...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-2005-3503 (chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly
other ...)
- TODO: check
+ NOT-FOR-US: SuSE fork of passwd
CVE-2005-3502 (attachment_send.php in Cerberus Helpdesk allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Cerberus Helpdesk
CVE-2005-3499 (Frisk F-Prot Antivirus allows remote attackers to bypass
protection ...)
- TODO: check
+ NOT-FOR-US: F-Prot Antivirus
CVE-2005-3498 (IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x
before ...)
- TODO: check
+ NOT-FOR-US: WebSphere
CVE-2005-3497 (SQL injection vulnerability in process_signup.php in PHP
Handicapper ...)
- TODO: check
+ NOT-FOR-US: PHP Handicapper
CVE-2005-3496 (Multiple cross-site scripting (XSS) vulnerabilities in PHP
Handicapper ...)
- TODO: check
+ NOT-FOR-US: PHP Handicapper
CVE-2005-3495 (Ar-blog 5.2 and earlier allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: Ar-blog
CVE-2005-3494 (Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and
earlier ...)
- TODO: check
+ NOT-FOR-US: Ar-blog
CVE-2005-3493 (Battle Carry .005 and earlier allows remote attackers to cause a
...)
- TODO: check
+ NOT-FOR-US: Battle Carry
CVE-2005-3492 (FlatFrag 0.3 and earlier allows remote attackers to cause a
denial of ...)
- TODO: check
+ NOT-FOR-US: FlatFrag
CVE-2005-3491 (Multiple buffer overflows in the receiver function in loop.c in
...)
- TODO: check
+ NOT-FOR-US: FlatFrag
CVE-2005-3490 (Directory traversal vulnerability in the web server in Asus
Video ...)
- TODO: check
+ NOT-FOR-US: Asus Video Security
CVE-2005-3489 (Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when
using ...)
- TODO: check
+ NOT-FOR-US: Asus Video Security
CVE-2005-3488 (Scorched 3D 39.1 (bf) and earlier allows remote attackers to
cause a ...)
- TODO: check
+ - scorched3d <unfixed> (bug #337403; medium)
CVE-2005-3487 (Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier
allow ...)
- TODO: check
+ - scorched3d <unfixed> (bug #337403; medium)
CVE-2005-3486 (Multiple format string vulnerabilities in Scorched 3D 39.1 (bf)
and ...)
- TODO: check
+ - scorched3d <unfixed> (bug #337403; medium)
CVE-2005-3485 (Buffer overflow in Glider Collect''n kill 1.0.0.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Glider Collect''n kill
CVE-2005-3484 (Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier
...)
- TODO: check
+ NOT-FOR-US: NeroNET
CVE-2005-3483 (Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier
allows ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: GO-Global
CVE-2004-2540 (readObject in (1) Java Runtime Environment (JRE) and (2)
Software ...)
TODO: check
CVE-2003-1283 (KaZaA Media Desktop (KMD) 2.0 launches advertisements in the
Internet ...)
@@ -723,8 +721,6 @@
CVE-2005-3501 (The cabd_find function in cabd.c of the the libmspack library
(mspack) ...)
{DSA-887-1 DTSA-21-1}
- clamav 0.87.1-1 (medium)
-CVE-2005-XXXX [Multiple security issues in Scorched 3D]
- - scorched3d <unfixed> (bug #337403; medium)
CVE-2005-3482 (Cisco 1200, 1131, and 1240 series Access Points, when operating
in ...)
NOT-FOR-US: Cisco hardware
CVE-2005-3481 (Cisco IOS 12.0 to 12.4 might allow remote attackers to execute
...)