Author: jmm-guest Date: 2005-12-11 16:34:36 +0000 (Sun, 11 Dec 2005) New Revision: 3001 Modified: data/CVE/list Log: one new unimportant firefox issue several NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-11 16:24:11 UTC (rev 3000) +++ data/CVE/list 2005-12-11 16:34:36 UTC (rev 3001) @@ -1,37 +1,38 @@ begin claimed by jmm CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...) - TODO: check + NOT-FOR-US: ASPMForum CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...) - TODO: check + NOT-FOR-US: Website Baker CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...) - TODO: check + NOT-FOR-US: ThWboard CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...) - TODO: check + NOT-FOR-US: ThWboard CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...) - TODO: check + NOT-FOR-US: DRZES HMS CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...) - TODO: check + NOT-FOR-US: DRZES HMS CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...) - TODO: check + NOT-FOR-US: SimpleBBS CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon up to 0.9 ...) - TODO: check + - mozilla-firefox <unfixed> (unimportant) + NOTE: Not exploitable beyond a sluggish browser startup, see + NOTE: http://www.mozilla.org/security/history-title.html CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...) - TODO: check + NOT-FOR-US: Solaris CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, ...) - TODO: check + NOT-FOR-US: Contenido CVE-2005-4131 (** UNVERIFIABLE, PRERELEASE ** ...) - TODO: check + NOT-FOR-US: Excel CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...) - TODO: check + TODO: Once dislosed, check, whether this affects Helix CVE-2005-4129 REJECTED - TODO: check CVE-2005-4128 (** UNVERIFIABLE, PRERELEASE ** ...) - TODO: check + NOT-FOR-US: Apple Quicktime CVE-2005-4127 (** UNVERIFIABLE, PRERELEASE ** ...) - TODO: check + NOT-FOR-US: iTunes CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...) - TODO: check + TODO: Once dislosed, check, whether this affects Helix CVE-2005-4125 RESERVED CVE-2005-4124 @@ -93,8 +94,7 @@ CVE-2005-4096 RESERVED CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...) - TODO: check -end claimed by jmm + NOT-FOR-US: Apache James CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...) NOT-FOR-US: DoceboLMS CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...)