Author: joeyh Date: 2006-09-21 09:14:32 +0000 (Thu, 21 Sep 2006) New Revision: 4750 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-20 18:48:06 UTC (rev 4749) +++ data/CVE/list 2006-09-21 09:14:32 UTC (rev 4750) @@ -1,3 +1,53 @@ +CVE-2006-4923 (Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat ...) + TODO: check +CVE-2006-4922 (Unrestricted file upload vulnerability in ...) + TODO: check +CVE-2006-4921 (PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 ...) + TODO: check +CVE-2006-4920 (Multiple PHP remote file inclusion vulnerabilities in Site@School ...) + TODO: check +CVE-2006-4919 (Directory traversal vulnerability in ...) + TODO: check +CVE-2006-4918 (Multiple PHP remote file inclusion vulnerabilities in Simple ...) + TODO: check +CVE-2006-4917 (Cross-site scripting (XSS) vulnerability in search.php in PT News ...) + TODO: check +CVE-2006-4916 (SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) ...) + TODO: check +CVE-2006-4915 (Cross-site scripting (XSS) vulnerability in index.php in Innovate ...) + TODO: check +CVE-2006-4914 (Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote ...) + TODO: check +CVE-2006-4913 (Directory traversal vulnerability in chat/getStartOptions.php in ...) + TODO: check +CVE-2006-4912 (PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and ...) + TODO: check +CVE-2006-4911 (Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 ...) + TODO: check +CVE-2006-4910 (The web administration interface (mainApp) to Cisco IDS before ...) + TODO: check +CVE-2006-4909 (Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS ...) + TODO: check +CVE-2006-4908 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-4907 (OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-4906 (SQL injection vulnerability in modules/calendar/week.php in ...) + TODO: check +CVE-2006-4905 (PHP remote file inclusion vulnerability in index.php in Artmedic Links ...) + TODO: check +CVE-2006-4904 (Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam ...) + TODO: check +CVE-2006-4903 + RESERVED +CVE-2006-4902 + RESERVED +CVE-2006-4901 + RESERVED +CVE-2006-4900 + RESERVED +CVE-2006-4899 + RESERVED CVE-2006-4898 (PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in ...) TODO: check CVE-2006-4897 (CMtextS 1.0 and earlier stores users_logins/admin.txt under the web ...) @@ -283,7 +333,7 @@ NOT-FOR-US: SharpReader CVE-2006-4760 (Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero ...) NOT-FOR-US: RSSOwl -CVE-2006-4759 (PunBB 1.2.12 does not properly handle pathnames ending in %00, which ...) +CVE-2006-4759 (** DISPUTED ** ...) NOT-FOR-US: PunBB CVE-2006-4758 (phpBB 2.0.21 does not properly handle pathnames ending in %00, which ...) - phpbb2 <unfixed> (bug #388120) @@ -791,7 +841,7 @@ NOT-FOR-US: OpenVMS CVE-2006-4536 (SQL injection vulnerability in module/rejestracja.php in CMS Frogss ...) NOT-FOR-US: CMS Frogss -CVE-2006-4535 (The Linux kernel 2.6.10 through 2.6.15 allows local users to cause a ...) +CVE-2006-4535 (The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local ...) TODO: check CVE-2006-4534 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...) NOT-FOR-US: Microsoft @@ -1013,8 +1063,8 @@ NOT-FOR-US: Ay System Solutions CMS CVE-2006-4439 (pkgadd in Sun Solaris 10 before 20060825 installs files with insecure ...) NOT-FOR-US: Solaris -CVE-2006-4438 - RESERVED +CVE-2006-4438 (Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux ...) + TODO: check CVE-2006-4437 (Eval injection vulnerability in Tagger LE allows remote attackers to ...) TODO: check CVE-2005-4810 (Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote ...)