Author: joeyh Date: 2006-06-22 21:14:22 +0000 (Thu, 22 Jun 2006) New Revision: 4282 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-06-22 20:59:53 UTC (rev 4281) +++ data/CVE/list 2006-06-22 21:14:22 UTC (rev 4282) @@ -1,6 +1,110 @@ +CVE-2006-3133 + RESERVED +CVE-2006-3132 (Cross-site scripting (XSS) vulnerability in qtofm.php4 in ...) + TODO: check +CVE-2006-3131 (Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow ...) + TODO: check +CVE-2006-3130 (SQL injection vulnerability in index.php in Clubpage allows remote ...) + TODO: check +CVE-2006-3129 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC ...) + TODO: check +CVE-2006-3128 (choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does ...) + TODO: check +CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in Sun ...) + TODO: check +CVE-2006-3126 + RESERVED +CVE-2006-3125 + RESERVED +CVE-2006-3124 + RESERVED +CVE-2006-3123 + RESERVED +CVE-2006-3122 + RESERVED +CVE-2006-3121 + RESERVED +CVE-2006-3120 + RESERVED +CVE-2006-3119 + RESERVED +CVE-2006-3118 + RESERVED +CVE-2006-3117 + RESERVED +CVE-2006-3116 + RESERVED +CVE-2006-3115 + RESERVED +CVE-2006-3114 + RESERVED +CVE-2006-3113 + RESERVED +CVE-2006-3112 (Chipmailer 1.09 allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-3111 (Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 ...) + TODO: check +CVE-2006-3110 (Cross-site scripting (XSS) vulnerability in main.php in Chipmailer ...) + TODO: check +CVE-2006-3109 (Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 ...) + TODO: check +CVE-2006-3108 (Cross-site scripting (XSS) vulnerability in EmailArchitect Email ...) + TODO: check +CVE-2006-3107 (Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and ...) + TODO: check +CVE-2006-3106 (Cross-site scripting (XSS) vulnerability in index.php in ...) + TODO: check +CVE-2006-3105 (CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers ...) + TODO: check +CVE-2006-3104 (users/index.php in Bitweaver 1.3 allows remote attackers to obtain ...) + TODO: check +CVE-2006-3103 (Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows ...) + TODO: check +CVE-2006-3102 (Race condition in articles/BitArticle.php in Bitweaver 1.3, when run ...) + TODO: check +CVE-2006-3101 (Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco ...) + TODO: check +CVE-2006-3099 + RESERVED +CVE-2006-3098 + RESERVED +CVE-2006-3097 (Unspecified vulnerability in Support Tools Manager (xstm, cstm, and ...) + TODO: check +CVE-2006-3096 (Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier ...) + TODO: check +CVE-2006-3095 (Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 ...) + TODO: check +CVE-2006-3094 (Multiple SQL injection vulnerabilities in Calendarix Basic ...) + TODO: check +CVE-2006-3093 (Multiple unspecified vulnerabilities in Adobe Reader before 7.0.8 have ...) + TODO: check +CVE-2006-3092 (PhpMyFactures 1.2 and earlier allows remote attackers to bypass ...) + TODO: check +CVE-2006-3091 (PhpMyFactures 1.0, and possibly 1.2 and earlier, allows remote ...) + TODO: check +CVE-2006-3090 (Multiple SQL injection vulnerabilities in PhpMyFactures 1.0, and ...) + TODO: check +CVE-2006-3089 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures ...) + TODO: check +CVE-2006-3088 (Cross-site scripting (XSS) vulnerability in index.php in Car ...) + TODO: check +CVE-2006-3087 (Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 ...) + TODO: check +CVE-2006-3086 (Buffer overflow in Microsoft Hyperlink Object Library (hlink.dll) ...) + TODO: check +CVE-2006-3084 + RESERVED +CVE-2006-3083 + RESERVED +CVE-2006-3082 (parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, ...) + TODO: check +CVE-2006-3081 (mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x ...) + TODO: check CVE-2006-3100 [termnetd buffer overflow] + RESERVED - termnetd 3.3-7 (bug #358028; medium) CVE-2006-3085 [linux endless loop in xt_sctp] + RESERVED - linux-2.6 2.6.16-15 CVE-2006-XXXX [webalizer-stonesteps XSS] - webalizer-stonesteps 2.4.1.2-1 @@ -58,7 +162,7 @@ NOT-FOR-US: VBZooM CVE-2006-3054 (Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote ...) NOT-FOR-US: VBZooM -CVE-2006-3053 (PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 ...) +CVE-2006-3053 (** DISPUTED ** ...) NOT-FOR-US: PHORUM CVE-2006-3052 (Cross-site scripting (XSS) vulnerability in Event Registration allows ...) NOT-FOR-US: Event Registration @@ -80,7 +184,7 @@ NOT-FOR-US: Foing CVE-2006-3044 (Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows ...) NOT-FOR-US: LogiSphere -CVE-2006-3043 (Cross-site scripting (XSS) vulnerability in search.cfm in CFXe-CMS 2.0 ...) +CVE-2006-3043 (Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe ...) NOT-FOR-US: CFXe-CMS CVE-2006-3042 (Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 ...) NOT-FOR-US: ISPConfig @@ -138,8 +242,8 @@ - php5 5.1.4-0.1 (medium) CVE-2006-3015 (Argument injection vulnerability in WinSCP 3.8.1 build 328 allows ...) NOT-FOR-US: WinSCP -CVE-2006-3014 - RESERVED +CVE-2006-3014 (Microsoft Excel allows user-complicit attackers to execute arbitrary ...) + TODO: check CVE-2006-3013 (Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 ...) NOT-FOR-US: phpBannerExchange CVE-2006-3012 (SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 ...) @@ -295,8 +399,8 @@ NOT-FOR-US: FORM2MAIL CVE-2006-2943 (Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows ...) NOT-FOR-US: WebFORM -CVE-2006-2942 - RESERVED +CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ...) + TODO: check CVE-2006-2941 RESERVED CVE-2006-2940 @@ -317,8 +421,8 @@ RESERVED CVE-2006-2932 RESERVED -CVE-2006-2931 - RESERVED +CVE-2006-2931 (CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, ...) + TODO: check CVE-2006-2930 (Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid ...) NOT-FOR-US: Sun CVE-2006-2929 (PHP remote file inclusion vulnerability in ...) @@ -362,8 +466,8 @@ NOT-FOR-US: SelectaPix CVE-2006-2912 (Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote ...) NOT-FOR-US: SelectaPix -CVE-2006-2911 - RESERVED +CVE-2006-2911 (SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 ...) + TODO: check CVE-2006-2910 RESERVED CVE-2006-2909 (Stack-based buffer overflow in the info tip shell extension ...) @@ -6076,7 +6180,7 @@ NOTE: http://www.securityfocus.com/bid/16551 CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...) NOT-FOR-US: Solaris -CVE-2006-0515 (Cisco PIX 7.0.x before 7.0.x and 6.3.x before 6.3.5(112), and FWSM ...) +CVE-2006-0515 (Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x ...) NOT-FOR-US: Cisco CVE-2006-0514 RESERVED