Author: micah Date: 2006-02-04 05:35:17 +0000 (Sat, 04 Feb 2006) New Revision: 3418 Modified: data/CVE/list Log: bunch of NFUs and 3 spip issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-04 04:44:55 UTC (rev 3417) +++ data/CVE/list 2006-02-04 05:35:17 UTC (rev 3418) @@ -1,34 +1,42 @@ begin claim by micah CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) - TODO: check + NOT-FOR-US: CA Message Queuing + NOTE: CA Message Queuing is embeded in a lot of products, but they all seem + NOTE: to be commercial products (see list in referenced URL) CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) - TODO: check + NOT-FOR-US: CA Message Queuing + NOTE: CA Message Queuing is embeded in a lot of products, but they all seem + NOTE: to be commercial products (see list in referenced URL) CVE-2006-0528 (GNOME Evolution allows remote attackers to cause a denial of service ...) - TODO: check + - evolution 2.2.3-4 (low) + [sarge] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1) + [woody] - evolution <not-affected> (Vulnerability was apparantly introduced in 2.3.1) CVE-2006-0527 (Unspecified vulnerability in Berkeley Internet Name Domain (BIND) on ...) - TODO: check + NOTE: CVE says, "due to the lack of relevant details from the vendor, it is not + NOTE: known whether this is a duplicate of an existing CVE or a brand-new issue that + NOTE: applies to BIND on other operating systems." CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...) - TODO: check + NOT-FOR-US: AOL CVE-2006-0525 (Multiple unspecified Adobe products install a large number of .EXE and ...) - TODO: check + NOT-FOR-US: Windows issue CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek ...) - TODO: check + NOT-FOR-US: Derek Ashauer ashnews CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...) - TODO: check + NOT-FOR-US: Symantec Sygate Management Server CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...) - TODO: check + NOT-FOR-US: Browser CRM CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 ...) - TODO: check + NOT-FOR-US: Invision Power Board CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows ...) - TODO: check + - spip <unfixed> (medium; bug #351336) CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...) - TODO: check + - spip <unfixed> (medium; bug #351335) CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...) - TODO: check + - spip <unfixed> (medium; bug #351334) CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...) - TODO: check + NOT-FOR-US: Solaris CVE-2006-0515 RESERVED CVE-2006-0514 @@ -36,23 +44,23 @@ CVE-2006-0513 RESERVED CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which ...) - TODO: check + NOT-FOR-US: PADL MigrationTools CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not ...) - TODO: check + NOT-FOR-US: Blackboard Academic Suite CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 ...) - TODO: check + NOT-FOR-US: Daffodil CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in clients.php in ...) - TODO: check + NOT-FOR-US: Cerberus Helpdesk CVE-2006-0508 (Easy CMS stores the images directory under the web document root with ...) - TODO: check + NOT-FOR-US: Easy CMS CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow ...) - TODO: check + NOT-FOR-US: Easy CMS CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN ...) - TODO: check + NOT-FOR-US: Nuked-klaN CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to ...) - TODO: check + NOT-FOR-US: Zbattle CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...) - TODO: check + NOT-FOR-US: MailEnable Enterprise Edition end claimed by micah CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows ...) TODO: check