Author: jmm-guest Date: 2006-01-25 13:49:10 +0000 (Wed, 25 Jan 2006) New Revision: 3366 Modified: data/CVE/list Log: new issues in gallery and ecartis unimportant typo3 issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-01-25 13:40:42 UTC (rev 3365) +++ data/CVE/list 2006-01-25 13:49:10 UTC (rev 3366) @@ -89,17 +89,18 @@ CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...) TODO: check CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...) - TODO: check + - ecartis <unfixed> (medium; bug #348824) CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...) TODO: check CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 ...) - TODO: check + - gallery 1.5.2-1 CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, ...) TODO: check CVE-2006-0328 (Format string vulnerability in Tftpd32 2.81 allows remote attackers to ...) TODO: check CVE-2006-0327 (TYPO3 3.7.1 allows remote attackers to obtain sensitive information ...) - TODO: check + - typo3-src <unfixed> (unimportant) + NOTE: Only path disclosure CVE-2006-0326 RESERVED CVE-2006-0325 (Etomite Content Management System 0.6, and possibly earlier versions, ...) @@ -14106,7 +14107,7 @@ CVE-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive ...) - phpbb2 <unfixed> (unimportant) CVE-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...) - NOT-FOR-US: Typo3 + NOT-FOR-US: Typo3 extension CVE-2005-0657 (Directory traversal vulnerability in Computalynx CProxy 3.3.x and ...) NOT-FOR-US: Computalynx CProxy CVE-2005-0656 (Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 ...)