Author: joeyh
Date: 2006-04-12 21:14:27 +0000 (Wed, 12 Apr 2006)
New Revision: 3790

Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-12 20:10:22 UTC (rev 3789) +++ data/CVE/list 2006-04-12 21:14:27 UTC (rev 3790) 
@@ -1,3 +1,71 @@ +CVE-2006-1709 (Cross-site scripting (XSS) vulnerability in shop_main.cgi in ...) + TODO: check +CVE-2006-1708 (SQL injection vulnerability in member.php in Clansys 1.1 allows remote ...) + TODO: check +CVE-2006-1707 (index.php in Shopweezle 2.0 allows remote attackers to include ...) + TODO: check +CVE-2006-1706 (Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote ...) + TODO: check +CVE-2006-1705 (Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" ...) + TODO: check +CVE-2006-1704 (Sire 2.0 nws allows remote attackers to upload arbitrary image files ...) + TODO: check +CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws ...) + TODO: check +CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in SPIP ...) + TODO: check +CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in ...) + TODO: check +CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for ...) + TODO: check +CVE-2006-1699 (Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner ...) + TODO: check +CVE-2006-1698 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook ...) + TODO: check +CVE-2006-1697 (Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook ...) + TODO: check +CVE-2006-1696 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 ...) + TODO: check +CVE-2006-1695 (The fbgs script in the fbi package 2.01-1.4, when the TMPDIR ...) + TODO: check +CVE-2006-1694 (SQL injection vulnerability in members.php in XBrite Members 1.1 and ...) + TODO: check +CVE-2006-1693 (Unspecified vulnerability in GlobalSCAPE Secure FTP Server before ...) + TODO: check +CVE-2006-1692 (Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow ...) + TODO: check +CVE-2006-1691 (SQL injection vulnerability in MWNewsletter 1.0.0b allows remote ...) 
+ TODO: check +CVE-2006-1690 (Cross-site scripting (XSS) vulnerability in subscribe.php in ...) + TODO: check +CVE-2006-1689 (Unspecified vulnerability in su in HP HP-UX B.11.11, when using the ...) + TODO: check +CVE-2006-1688 (Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and ...) + TODO: check +CVE-2006-1687 (Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 ...) + TODO: check +CVE-2006-1686 (Unspecified vulnerability in modules.php in APT-webshop-system 4.0 ...) + TODO: check +CVE-2006-1685 (Multiple SQL injection vulnerabilities in modules.php in ...) + TODO: check +CVE-2006-1684 (Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier ...) + TODO: check +CVE-2006-1683 (SQL injection vulnerability in admin/login.php in Chipmunk Guestbook ...) + TODO: check +CVE-2006-1682 (Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft ...) + TODO: check +CVE-2006-1681 (Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and ...) + TODO: check +CVE-2006-1680 (Jupiter CMS 1.1.5, when display_errors is enabled, allows remote ...) + TODO: check +CVE-2006-1679 (Cross-site scripting (XSS) vulnerability in modules/online.php Jupiter ...) + TODO: check +CVE-2006-1678 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) + TODO: check +CVE-2006-1677 (MAXdev MD-Pro 1.0.73 and 1.0.72 allows remote attackers to obtain the ...) + TODO: check +CVE-2006-1676 (SQL injection vulnerability in the display function in the Topics ...) + TODO: check CVE-2006-XXXX [Insecure temp files in fbgs] - fbi <unfixed> (bug #361370) CVE-2006-XXXX [Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service] 
@@ -284,8 +352,7 @@ NOT-FOR-US: Apple CVE-2006-1551 RESERVED -CVE-2006-1549 [function *() php/apache Crash] - RESERVED +CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...) - php4 <unfixed> (bug #361854) - php5 <unfixed> (bug #361917) CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...) @@ -1412,8 +1479,8 @@ - curl 7.15.3-1 [woody] - curl <not-affected> (Vulnerable code not present) [sarge] - curl <not-affected> (Vulnerable code not present) -CVE-2006-1060 - RESERVED +CVE-2006-1060 (Heap-based buffer overflow in xzgv allows user-complicit attackers to ...) + TODO: check CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine ...) - samba 3.0.22-1 [woody] - samba <not-affected>
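
Review bot: In the first hunk (@@ -1,3 +1,71 @@), the new CVE-2006-1695 entry ("The fbgs script in the fbi package 2.01-1.4, when the TMPDIR ...") is left at "TODO: check" while the unchanged context directly below it still carries the placeholder "CVE-2006-XXXX [Insecure temp files in fbgs]" with "- fbi <unfixed> (bug #361370)". These look like the same issue tracked twice. Suggest moving the "- fbi <unfixed> (bug #361370)" line under CVE-2006-1695 and dropping the CVE-2006-XXXX placeholder, so the bug is tracked under its assigned id and the TODO is resolved.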
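
Review bot: In the last hunk (@@ -1412,8 +1479,8 @@), CVE-2006-1060 goes from RESERVED to "TODO: check" even though its new description already names the affected software (xzgv, heap-based buffer overflow). Unlike the neighbouring curl and samba entries it has no package status line, so it remains untriaged. Suggest resolving the TODO with either a "- xzgv ..." status line in the same form as the adjacent entries or a NOT-FOR-US marker, as used elsewhere in this file.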