Author: micah Date: 2006-02-09 18:04:10 +0000 (Thu, 09 Feb 2006) New Revision: 3450 Modified: data/CVE/list Log: CVE ids obtained for SPIP issues, one already existed but we had marked as NOT-FOR-US for some reason Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-09 16:20:20 UTC (rev 3449) +++ data/CVE/list 2006-02-09 18:04:10 UTC (rev 3450) @@ -175,15 +175,12 @@ - spip <unfixed> (medium; bug #351335) CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...) - spip <unfixed> (medium; bug #351334) -CVE-2006-XXXX (Input validation vulnerability in SPIP Spip_RSS.PHP) +CVE-2006-0625 (Input validation vulnerability in SPIP Spip_RSS.PHP) - spip <unfixed> (medium; bug #352076) NOTE: http://www.securityfocus.com/bid/16556 -CVE-2006-XXXX (SQL injection vulnerability in SPIP Spip_acces_doc.PHP) +CVE-2006-0626 (SQL injection vulnerability in SPIP Spip_acces_doc.PHP) - spip <unfixed> (medium; bug #352077) NOTE: http://www.securityfocus.com/bid/16551 -CVE-2006-XXXX (XSS in SPIP spip_login.php3 and spip_pass.php3) - - spip <unfixed> (medium; bug #352078) - NOTE: http://pridels.blogspot.com/2005/12/spip-xss-vuln.html CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...) NOT-FOR-US: Solaris CVE-2006-0515 @@ -1706,7 +1703,7 @@ CVE-2005-4495 (** DISPUTED ** ...) NOT-FOR-US: SpireMedia CVE-2005-4494 (Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier ...) - NOT-FOR-US: SPIP + - spip <unfixed> (medium; bug #352078) CVE-2005-4493 (Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier ...) NOT-FOR-US: SpearTek CVE-2005-4492 (Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 ...)