Author: joeyh Date: 2005-12-10 09:14:18 +0000 (Sat, 10 Dec 2005) New Revision: 2994 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-09 21:14:22 UTC (rev 2993) +++ data/CVE/list 2005-12-10 09:14:18 UTC (rev 2994) @@ -1,3 +1,98 @@ +CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...) + TODO: check +CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...) + TODO: check +CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...) + TODO: check +CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...) + TODO: check +CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...) + TODO: check +CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...) + TODO: check +CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...) + TODO: check +CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon up to 0.9 ...) + TODO: check +CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...) + TODO: check +CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, ...) + TODO: check +CVE-2005-4131 (** UNVERIFIABLE, PRERELEASE ** ...) + TODO: check +CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...) + TODO: check +CVE-2005-4129 + REJECTED + TODO: check +CVE-2005-4128 (** UNVERIFIABLE, PRERELEASE ** ...) + TODO: check +CVE-2005-4127 (** UNVERIFIABLE, PRERELEASE ** ...) + TODO: check +CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...) + TODO: check +CVE-2005-4125 + RESERVED +CVE-2005-4124 + RESERVED +CVE-2005-4123 + RESERVED +CVE-2005-4122 + RESERVED +CVE-2005-4121 + RESERVED +CVE-2005-4120 + RESERVED +CVE-2005-4119 + RESERVED +CVE-2005-4118 + RESERVED +CVE-2005-4117 + RESERVED +CVE-2005-4116 + RESERVED +CVE-2005-4115 + RESERVED +CVE-2005-4114 + RESERVED +CVE-2005-4113 + RESERVED +CVE-2005-4112 + RESERVED +CVE-2005-4111 + RESERVED +CVE-2005-4110 + RESERVED +CVE-2005-4109 + RESERVED +CVE-2005-4108 + RESERVED +CVE-2005-4107 + RESERVED +CVE-2005-4106 + RESERVED +CVE-2005-4105 + RESERVED +CVE-2005-4104 + RESERVED +CVE-2005-4103 + RESERVED +CVE-2005-4102 + RESERVED +CVE-2005-4101 + RESERVED +CVE-2005-4100 + RESERVED +CVE-2005-4099 + RESERVED +CVE-2005-4098 + RESERVED +CVE-2005-4097 + RESERVED +CVE-2005-4096 + RESERVED +CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...) + TODO: check CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...) NOT-FOR-US: DoceboLMS CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...) @@ -4,7 +99,7 @@ NOT-FOR-US: DoceboLMS CVE-2005-4093 (Unspecified vulnerability in Check Point VPN-1 SecureClient NG with ...) NOT-FOR-US: Check Point -CVE-2005-4092 (Heap-based buffer overflow in Apple QuickTime Player 7.0.3 and iTunes ...) +CVE-2005-4092 (** UNVERIFIABLE, PRERELEASE ** ...) NOT-FOR-US: Apple QuickTime CVE-2005-4091 (Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script ...) NOT-FOR-US: 1-Script 1-Search @@ -825,7 +920,7 @@ - phpgroupware 0.9.14.007 CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...) [sarge] - kernel-source-2.6.8 2.6.8-16sarge2 -CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel before ...) +CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up ...) [sarge] - kernel-source-2.6.8 2.6.8-16sarge2 CVE-2005-3849 (Cross-site scripting (XSS) vulnerability in the Search module in ...) - pmwiki <itp> (bug #330117) @@ -1403,7 +1498,7 @@ NOT-FOR-US: ATutor CVE-2005-3562 (Direct code injection vulnerability in ATutor 1.5.1 allows remote ...) NOT-FOR-US: ATutor -CVE-2005-3561 (SQL injection vulnerability in password_reminder.php in ATutor before ...) +CVE-2005-3561 ( ...) NOT-FOR-US: ATutor CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...) NOT-FOR-US: Zone Labs @@ -6193,9 +6288,9 @@ NOT-FOR-US: MailEnable CVE-2005-2222 (Unknown vulnerability in the HTTPMail service in MailEnable Professional ...) NOT-FOR-US: MailEnable -CVE-2005-2221 (** DISPUTED ** Multiple SQL injection vulnerabilities in Dragonfly ...) +CVE-2005-2221 (** DISPUTED ** ...) NOT-FOR-US: Dragonfly -CVE-2005-2220 (** DISPUTED ** Dragonfly Commerce allows remote attackers to change a ...) +CVE-2005-2220 (** DISPUTED ** ...) NOT-FOR-US: Dragonfly CVE-2005-2219 (Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to ...) NOT-FOR-US: Hosting Controller @@ -10803,7 +10898,7 @@ NOT-FOR-US: SurgeFTP CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive information ...) NOT-FOR-US: CubeCart -CVE-2005-1032 (** DISPUTED ** NOTE: the vendor has disputed this issue. SQL ...) +CVE-2005-1032 (** DISPUTED ** ...) NOT-FOR-US: LiteCommerce CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), ...) NOT-FOR-US: exoops