Author: jmm-guest Date: 2006-06-09 08:11:44 +0000 (Fri, 09 Jun 2006) New Revision: 4166 Modified: data/CVE/list Log: new asterisk issue mediawiki not-affected mozilla non-issue NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-08 12:28:44 UTC (rev 4165) +++ data/CVE/list 2006-06-09 08:11:44 UTC (rev 4166) @@ -1,27 +1,30 @@ CVE-2006-2899 (Unspecified vulnerability in ESTsoft InternetDISK versions before ...) - TODO: check + NOT-FOR-US: ESTsoft InternetDISK CVE-2006-2898 (Unspecified vulnerability in the IAX2 channel driver (chan_iax2) for ...) - TODO: check + - asterisk <unfixed> CVE-2006-2897 (Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows ...) - TODO: check + NOT-FOR-US: Funkboard CVE-2006-2896 (profile.php in FunkBoard CF0.71 allows remote attackers to change ...) - TODO: check + NOT-FOR-US: Funkboard CVE-2006-2895 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to ...) - TODO: check + - mediawiki <not-affected> (Affects only 1.6.0-1.6.6) CVE-2006-2894 (Mozilla Firefox 1.5.0.4, Mozilla Suite 1.7.13, Mozilla SeaMonkey ...) - TODO: check + NOTE: There are very few scenarios, where this could be exploited + NOTE: We can probably ignore this + TODO: check further CVE-2006-2893 (index.php in GANTTy 1.0.3 allows remote attackers to obtain the full ...) + NOT-FOR-US: GANTTy TODO: check CVE-2006-2892 (Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 ...) - TODO: check + NOT-FOR-US: GANTTy CVE-2006-2891 (Cross-site scripting (XSS) vulnerability in admin/index.php for ...) - TODO: check + NOT-FOR-US: Pixelpost CVE-2006-2890 (Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, ...) - TODO: check + NOT-FOR-US: Pixelpost CVE-2006-2889 (Multiple SQL injection vulnerabilities in index.php in Pixelpost ...) - TODO: check + NOT-FOR-US: Pixelpost CVE-2006-2888 (PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig ...) - TODO: check + NOT-FOR-US: Wikiwig CVE-2006-2887 (Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and ...) TODO: check CVE-2006-2886 (view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote ...)