Author: stef-guest Date: 2006-09-24 20:41:32 +0000 (Sun, 24 Sep 2006) New Revision: 4761 Modified: data/CVE/list Log: some more NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-09-24 20:32:21 UTC (rev 4760) +++ data/CVE/list 2006-09-24 20:41:32 UTC (rev 4761) @@ -266,7 +266,7 @@ CVE-2006-4793 (Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 ...) NOT-FOR-US: TualBLOG CVE-2004-2665 (Unspecified vulnerability in the Address and Routing Parameter Area ...) - TODO: check + NOT-FOR-US: HP-UX CVE-2006-XXXX [linux-ftpd allows chdir to disallowed directories] - linux-ftpd 0.17-22 (low; bug #384454) CVE-2006-XXXX [linux-ftpd does not check return code of setuid] @@ -3198,11 +3198,11 @@ CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft Internet ...) NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on Apple ...) - TODO: check + NOT-FOR-US: Apple CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on Apple Mac ...) - TODO: check + NOT-FOR-US: Apple CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless driver ...) - TODO: check + NOT-FOR-US: Apple CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and ...) NOT-FOR-US: Mac OS X CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to ...) @@ -3320,7 +3320,7 @@ CVE-2006-3455 RESERVED CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus Corporate ...) - TODO: check + NOT-FOR-US: Symantec CVE-2006-3453 (Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers ...) NOT-FOR-US: Adobe acrobat CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure ...) @@ -3344,7 +3344,7 @@ CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows ...) NOT-FOR-US: Microsoft CVE-2006-3442 (Unspecified vulnerability in Pragmatic General Multicast (PGM) in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 ...) NOT-FOR-US: Microsoft CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP ...) @@ -5108,6 +5108,7 @@ NOTE: application error - php5 5.1.6-1 (low) CVE-2006-2658 (Directory traversal vulnerability in the xsp component in mod_mono in ...) + NOTE: maybe this is the same as apache mod_mono? TODO: check CVE-2006-2657 REJECTED @@ -5520,7 +5521,7 @@ CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in ...) NOT-FOR-US: Squirrelcart CVE-2006-2482 (Heap-based buffer overflow in ZipTV for Delphi 7 2006.1.26 and for C++ ...) - TODO: check + NOT-FOR-US: ZipTV CVE-2006-2481 (VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 ...) NOT-FOR-US: VMware ESX CVE-2006-2480 (Format string vulnerability in Dia 0.94 allows user-assisted ...) @@ -13133,7 +13134,7 @@ CVE-2006-0033 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...) NOT-FOR-US: Microsoft CVE-2006-0032 (Cross-site scripting (XSS) vulnerability in the Indexing Service in ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, ...) NOT-FOR-US: Microsoft CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...) @@ -13961,7 +13962,7 @@ CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 2000 through 2003, ...) NOT-FOR-US: Microsoft CVE-2006-0001 (Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2005-3714 (The network interface for Apple AirPort Express 6.x before Firmware ...) NOT-FOR-US: Apple AirPort CVE-2005-3713 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows ...)