Author: joeyh
Date: 2006-06-14 09:14:26 +0000 (Wed, 14 Jun 2006)
New Revision: 4207
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-06-14 08:48:15 UTC (rev 4206)
+++ data/CVE/list 2006-06-14 09:14:26 UTC (rev 4207)
@@ -1,3 +1,7 @@
+CVE-2006-3010 (Multiple SQL injection vulnerabilities in Open Business
Management ...)
+ TODO: check
+CVE-2006-3009 (Multiple cross-site scripting (XSS) vulnerabilities in Open
Business ...)
+ TODO: check
CVE-2006-3008 (SQL injection vulnerability in index.php in Particle Links 1.2.2
...)
TODO: check
CVE-2006-3007 (Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast
1.9.5 ...)
@@ -593,6 +597,7 @@
CVE-2006-2763 (SQL injection vulnerability in Pre News Manager 1.0 allows
remote ...)
NOT-FOR-US: Pre News Manager
CVE-2006-2762 (PHP remote file inclusion vulnerability in includes/config.php
in ...)
+ {DSA-1096-1}
- webcalendar 1.0.4-1 (medium)
CVE-2006-2761 (SQL injection vulnerability in Hitachi HITSENSER3
HITSENSER3/PRP, ...)
NOT-FOR-US: Hitachi
@@ -796,8 +801,8 @@
CVE-2006-2661 (ftutil.c in Freetype before 2.2 allows remote attackers to cause
a ...)
{DSA-1095-1}
- freetype 2.2.1-1 (medium)
-CVE-2006-2660
- RESERVED
+CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP
5.1.4 ...)
+ TODO: check
CVE-2006-2658
RESERVED
CVE-2006-2657
@@ -1188,7 +1193,7 @@
CVE-2005-1752 (viewFile.php in the scm component of Gforge before 4.0 allows
remote ...)
- gforge 3.1-30
NOTE: viewFile.php disabled in 3.1-30
-CVE-2006-2492 (Buffer overflow in Microsoft Word XP and Word 2003 allows ...)
+CVE-2006-2492 (Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP
SP3, ...)
NOT-FOR-US: Microsoft
CVE-2006-2491 (Cross-site scripting (XSS) vulnerability in (1) index.php and
(2) ...)
NOT-FOR-US: BoastMachine
@@ -1405,38 +1410,38 @@
RESERVED
CVE-2006-2386
RESERVED
-CVE-2006-2385
- RESERVED
-CVE-2006-2384
- RESERVED
-CVE-2006-2383
- RESERVED
-CVE-2006-2382
- RESERVED
+CVE-2006-2385 (Unspecified vulnerability in Microsoft Internet Explorer 5.01
SP4 and ...)
+ TODO: check
+CVE-2006-2384 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier
allows ...)
+ TODO: check
+CVE-2006-2383 (Unspecified vulnerability in Microsoft Internet Explorer 5.01
SP4 and ...)
+ TODO: check
+CVE-2006-2382 (Heap-based buffer overflow in Microsoft Internet Explorer 5.01
SP4 and ...)
+ TODO: check
CVE-2006-2381
RESERVED
-CVE-2006-2380
- RESERVED
-CVE-2006-2379
- RESERVED
-CVE-2006-2378
- RESERVED
+CVE-2006-2380 (Microsoft Windows XP SP1 and SP2, Server 2003 SP1 and earlier,
Windows ...)
+ TODO: check
+CVE-2006-2379 (Buffer overflow in the TCP/IP Protocol driver in Microsoft
Windows ...)
+ TODO: check
+CVE-2006-2378 (Buffer overflow in the ART Image Rendering component
(jgdw400.dll) in ...)
+ TODO: check
CVE-2006-2377
RESERVED
-CVE-2006-2376
- RESERVED
+CVE-2006-2376 (Heap-based buffer overflow in the PolyPolygon function in
Graphics ...)
+ TODO: check
CVE-2006-2375
RESERVED
-CVE-2006-2374
- RESERVED
-CVE-2006-2373
- RESERVED
+CVE-2006-2374 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft
...)
+ TODO: check
+CVE-2006-2373 (The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft
...)
+ TODO: check
CVE-2006-2372
RESERVED
-CVE-2006-2371
- RESERVED
-CVE-2006-2370
- RESERVED
+CVE-2006-2371 (Buffer overflow in the Remote Access Connection Manager service
...)
+ TODO: check
+CVE-2006-2370 (Buffer overflow in the Routing and Remote Access service (RRAS)
in ...)
+ TODO: check
CVE-2006-2369 (RealVNC 4.1.1, and other products that use RealVNC such as
AdderLink ...)
- vnc4 4.1.1+X4.3.0-10 (high)
[sarge] - vnc4 <not-affected> (vuln not in 4.0)
@@ -1785,7 +1790,7 @@
RESERVED
CVE-2006-2219
RESERVED
-CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft
...)
+CVE-2006-2218 (Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote
...)
NOT-FOR-US: MS IE
CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board
...)
NOT-FOR-US: Invision Power Board
@@ -4060,8 +4065,8 @@
RESERVED
CVE-2006-1314
RESERVED
-CVE-2006-1313
- RESERVED
+CVE-2006-1313 (Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6
on ...)
+ TODO: check
CVE-2006-1312
RESERVED
CVE-2006-1311
@@ -4080,8 +4085,8 @@
RESERVED
CVE-2006-1304
RESERVED
-CVE-2006-1303
- RESERVED
+CVE-2006-1303 (Unspecified vulnerability in Microsoft Internet Explorer 5.01
SP4 and ...)
+ TODO: check
CVE-2006-1302
RESERVED
CVE-2006-1301
@@ -4349,8 +4354,8 @@
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
CVE-2006-1194 (Integer signedness error in the
enet_protocol_handle_incoming_commands ...)
NOT-FOR-US: Enet lib (Cube, Sauerbraten)
-CVE-2006-1193
- RESERVED
+CVE-2006-1193 (Microsoft Exchange Server 2000 SP1 through SP3, when running
Outlook ...)
+ TODO: check
CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote
attackers to ...)
NOT-FOR-US: Microsoft
CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always
correctly ...)
@@ -8736,15 +8741,15 @@
NOT-FOR-US: Microsoft
CVE-2006-0026
RESERVED
-CVE-2006-0025
- RESERVED
+CVE-2006-0025 (Stack-based buffer overflow in Microsoft Windows Media Player 9
and 10 ...)
+ TODO: check
CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player
8.0.22.0 ...)
- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash
plugin)
CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and
possibly ...)
NOT-FOR-US: Microsoft
-CVE-2006-0022
- RESERVED
+CVE-2006-0022 (Unspecified vulnerability in Microsoft PowerPoint in Microsoft
Office ...)
+ TODO: check
CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1,
allows ...)
NOT-FOR-US: Microsoft
CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in
Internet ...)