Author: jmm-guest Date: 2006-03-17 11:03:23 +0000 (Fri, 17 Mar 2006) New Revision: 3636 Modified: data/CVE/list Log: capi4hylafax n-a NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-03-17 10:55:24 UTC (rev 3635) +++ data/CVE/list 2006-03-17 11:03:23 UTC (rev 3636) @@ -32,15 +32,14 @@ NOT-FOR-US: DSCounter CVE-2006-1233 (Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow ...) NOT-FOR-US: WMNews -begin claimed by jmm CVE-2006-1232 (Multiple SQL injection vulnerabilities in DSDownload 1.0, with ...) - TODO: check + NOT-FOR-US: DSDownload CVE-2006-1231 (CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, ...) - TODO: check + - capi4hylafax <not-affected> (Affected DEFINE not defined) CVE-2006-1230 (Multiple cross-site scripting (XSS) vulnerabilities in create.php in ...) - TODO: check + NOT-FOR-US: vCard CVE-2006-1229 (SQL injection vulnerability in search.asp in Hosting Controller 6.1 ...) - TODO: check + NOT-FOR-US: Hosting Controller CVE-2006-1228 (Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...) - drupal 4.5.8-1 CVE-2006-1227 (Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is ...) @@ -50,40 +49,40 @@ CVE-2006-1225 (CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...) - drupal 4.5.8-1 CVE-2006-1224 (Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows ...) - TODO: check + NOT-FOR-US: GuppY CVE-2006-1223 (Cross-site scripting (XSS) vulnerability in Jupiter Content Manager ...) - TODO: check + NOT-FOR-US: Jupiter Content Manager CVE-2006-1222 (Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 ...) - TODO: check + NOT-FOR-US: zeroboard CVE-2006-1221 (Untrusted search path vulnerability in the TrueVector service ...) - TODO: check + NOT-FOR-US: TrueVector CVE-2005-4730 (Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact ...) - TODO: check + TODO: Someone please check, if this is included in the standard PEAR packages CVE-2006-XXXX [Insufficient filename sanitising in darcsweb] - darcsweb 0.15-1 CVE-2006-1220 (Integer overflow in the mach_msg_send function in the kernel for Mac ...) - TODO: check + NOT-FOR-US: MacOS X CVE-2006-1219 (Directory traversal vulnerability in Gallery 2.0.3 and earlier, and ...) - gallery2 2.0.4-1 CVE-2006-1218 (Unspecified vulnerability in the HTTP proxy in Novell BorderManager ...) - TODO: check + NOT-FOR-US: Novell BorderManager CVE-2006-1217 (SQL injection vulnerability in DSPoll 1.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: DSPoll CVE-2006-1216 (Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x ...) - TODO: check + NOT-FOR-US: Runcms CVE-2006-1215 (Cross-site scripting (XSS) vulnerability in misc.php in Woltlab ...) - TODO: check + NOT-FOR-US: Woltlab BB CVE-2006-1214 (UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified ...) - TODO: check + NOT-FOR-US: UnrealIRCd CVE-2006-1213 (JiRo''s Banner System Experience and Professional 1.0 and earlier ...) - TODO: check + NOT-FOR-US: JiRo''s Banner System Experience and Professional CVE-2006-1212 (Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows ...) - TODO: check + NOT-FOR-US: CoreNews CVE-2006-1211 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL ...) - TODO: check + NOT-FOR-US: Tivoli CVE-2006-1210 (The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 ...) - TODO: check -end claimed by jmm + NOT-FOR-US: Tivoli +begin claimed by jmm CVE-2006-1209 (PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive ...) TODO: check CVE-2006-1208 (Sergey Korostel PHP Upload Center allows remote attackers to execute ...) @@ -140,6 +139,7 @@ TODO: check CVE-2006-1182 (Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe ...) TODO: check +end claimed by jmm CVE-2006-1181 RESERVED CVE-2006-1180