Author: stef-guest
Date: 2006-04-30 19:47:36 +0000 (Sun, 30 Apr 2006)
New Revision: 3899
Modified:
data/CVE/list
Log:
gcc issue
amaya issue
new phpbb2 issues
some NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-04-30 19:06:01 UTC (rev 3898)
+++ data/CVE/list 2006-04-30 19:47:36 UTC (rev 3899)
@@ -261,38 +261,36 @@
NOT-FOR-US: AnimeGenesis Gallery
CVE-2006-1903 (Multiple cross-site scripting (XSS) vulnerabilities in UserLand
Manila ...)
NOT-FOR-US: UserLand Manila
-begin claimed by stef-guest
CVE-2006-1902 (fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1
...)
- TODO: check
+ - gcc-4.1 (bug #356896; low)
CVE-2006-1901 (Mozilla Camino 1.0 and earlier allow remote attackers to cause a
...)
- TODO: check
+ NOT-FOR-US: Mozilla Camino
CVE-2006-1900 (Multiple buffer overflows in World Wide Web Consortium (W3C)
Amaya ...)
- TODO: check
+ - amaya <unfixed> (bug #362575; medium)
CVE-2006-1899 (Multiple cross-site scripting (XSS) vulnerabilities in dev
Neuron Blog ...)
- TODO: check
+ NOT-FOR-US: Neuron Blog
CVE-2006-1898 (Multiple cross-site scripting (XSS) vulnerabilities in Ralph
Capper ...)
- TODO: check
+ NOT-FOR-US: Tiny PHP Forum
CVE-2006-1897 (Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for
"Script ...)
- TODO: check
+ NOT-FOR-US: Webplus (aka talentsoft) Web+Shop
CVE-2006-1896 (Unspecified vulnerability in phpBB allows remote authenticated
users ...)
- TODO: check
+ - phpbb2 <unfixed> (bug filed; medium)
CVE-2006-1895 (Direct static code injection vulnerability in
includes/template.php in ...)
- TODO: check
+ - phpbb2 <unfixed> (bug filed; medium)
CVE-2006-1894 (Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as
derived ...)
- TODO: check
+ NOT-FOR-US: RevoBoard / PunBB
CVE-2006-1893 (Cross-site scripting (XSS) vulnerability in print.php in ar-blog
5.2 ...)
- TODO: check
+ NOT-FOR-US: ar-blog
CVE-2006-1892 (avast! 4 Linux Home Edition 1.0.5 allows local users to modify
...)
- TODO: check
+ NOT-FOR-US: avast! 4 Linux Home Edition
CVE-2006-1891 (Cross-site scripting (XSS) vulnerability in Martin Scheffler
betaboard ...)
- TODO: check
+ NOT-FOR-US: betaboard
CVE-2006-1890 (Multiple PHP remote file inclusion vulnerabilities in myWebland
...)
- TODO: check
+ NOT-FOR-US: myWebland
CVE-2006-1889 (Cross-site scripting (XSS) vulnerability in the search action
handler ...)
- TODO: check
+ NOT-FOR-US: Boardsolution
CVE-2006-1888 (phpGraphy 0.9.11 and earlier allows remote attackers to bypass
...)
- TODO: check
-end claimed by stef-guest
+ NOT-FOR-US: phpGraphy
CVE-2006-1887 (Unspecified vulnerability in Oracle JD Edwards EnterpriseOne
Security ...)
NOT-FOR-US: Oracle JD Edwards EnterpriseOne
CVE-2006-1886 (Unspecified vulnerability in the PeopleTools component in Oracle
...)
@@ -1877,7 +1875,7 @@
CVE-2006-1248 (Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11,
and ...)
NOT-FOR-US: HP-UX
CVE-2006-1247 (rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0
allows ...)
- TODO: check
+ NOT-FOR-US: AIX
CVE-2006-1246 (Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX
5.3 ...)
NOT-FOR-US: AIX
CVE-2006-1245 (Buffer overflow in mshtml.dll in Microsoft Internet Explorer
...)
@@ -2987,7 +2985,7 @@
CVE-2006-0751 (Multiple unspecified vulnerabilities in the (1) Filesystem in
...)
TODO: check
CVE-2006-0750 (SQL injection vulnerability in index.php in supersmashbrothers
(SSB) ...)
- TODO: check
+ NOT-FOR-US: supersmashbrothers
CVE-2006-0749 (Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before
1.0.8, ...)
{DSA-1046-1 DSA-1044-1}
- firefox <unfixed> (low)
@@ -3716,7 +3714,7 @@
CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents
of ...)
- migrationtools 46-2.1 (bug #338920; medium)
CVE-2005-4682 (Cross-site scripting (XSS) vulnerability in error.asp in
AudienceView ...)
- TODO: check
+ NOT-FOR-US: AudienceView
CVE-2005-4681 (** DISPUTED ** Buffer overflow in mIRC 5.91, 6.03, 6.12, and
6.16 ...)
TODO: check
CVE-2005-4680 (Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before
4.6.9, ...)
@@ -3904,7 +3902,7 @@
{DSA-989-1}
- zoph 0.5-1 (bug #350717)
CVE-2006-0401 (Unspecified vulnerability in Mac OS X before 10.4.6, when
running on ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-0400 (CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote
attackers ...)
NOT-FOR-US: Apple
CVE-2006-0399 (Unspecified vulnerability in Safari, LaunchServices, and/or
CoreTypes ...)
@@ -7570,9 +7568,9 @@
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was
introduced later)
NOTE:
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
CVE-2005-3526 (Buffer overflow in the IMAP daemon in Ipswitch Collaboration
Suite ...)
- TODO: check
+ NOT-FOR-US: Ipswitch Collaboration Suite
CVE-2005-3525 (Stack-based buffer overflow in an ActiveX control for the
installer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2005-3522 (Cross-site scripting (XSS) vulnerability in index.jsp in
ManageEngine ...)
NOT-FOR-US: ManageEngine NetflowAnalyzer
CVE-2005-3521 (SQL injection vulnerability in resetcore.php in e107 0.617
through ...)
@@ -8694,7 +8692,7 @@
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows
user-complicit ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2005-3238 (Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket
Option ...)
NOT-FOR-US: Solaris
CVE-2005-3257 (The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and
...)