Author: joeyh Date: 2006-10-03 09:14:22 +0000 (Tue, 03 Oct 2006) New Revision: 4801 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-10-02 21:14:19 UTC (rev 4800) +++ data/CVE/list 2006-10-03 09:14:22 UTC (rev 4801) @@ -1,3 +1,91 @@ +CVE-2006-5143 + RESERVED +CVE-2006-5142 + RESERVED +CVE-2006-5141 (PHP remote file inclusion vulnerability in script.php in Kevin A. ...) + TODO: check +CVE-2006-5140 (SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image ...) + TODO: check +CVE-2006-5139 (Unspecified vulnerability in MkPortal allows remote attackers to ...) + TODO: check +CVE-2006-5138 (Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain ...) + TODO: check +CVE-2006-5137 (Multiple direct static code injection vulnerabilities in Groupee ...) + TODO: check +CVE-2006-5136 (Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in ...) + TODO: check +CVE-2006-5135 (Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow ...) + TODO: check +CVE-2006-5134 (Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to ...) + TODO: check +CVE-2006-5133 (Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have ...) + TODO: check +CVE-2006-5132 (Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 ...) + TODO: check +CVE-2006-5131 (module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another ...) + TODO: check +CVE-2006-5130 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...) + TODO: check +CVE-2006-5129 (Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just ...) + TODO: check +CVE-2006-5128 (SQL injection vulnerability in index.php in Bartels Schoene ConPresso ...) + TODO: check +CVE-2006-5127 (Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ...) + TODO: check +CVE-2006-5126 (PHP remote file inclusion vulnerability in index.php in John Himmelman ...) + TODO: check +CVE-2006-5125 (Directory traversal vulnerability in window.php, possibly used by ...) + TODO: check +CVE-2006-5124 (Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim ...) + TODO: check +CVE-2006-5123 (Multiple PHP remote file inclusion vulnerabilities in Albrecht ...) + TODO: check +CVE-2006-5122 (Multiple cross-site scripting (XSS) vulnerabilities in Mercury ...) + TODO: check +CVE-2006-5121 (SQL injection vulnerability in modules/Downloads/admin.php in the ...) + TODO: check +CVE-2006-5120 (Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer ...) + TODO: check +CVE-2006-5119 (Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 ...) + TODO: check +CVE-2006-5118 (PHP remote file inclusion vulnerability in index.php3 in the PDD ...) + TODO: check +CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web ...) + TODO: check +CVE-2006-5116 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.1-rc1 ...) + TODO: check +CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows ...) + TODO: check +CVE-2006-5114 (Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP ...) + TODO: check +CVE-2006-5113 (Directory traversal vulnerability in common.php in Yuuki Yoshizawa ...) + TODO: check +CVE-2006-5112 (Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote ...) + TODO: check +CVE-2006-5111 (The libksba library 0.9.12 and possibly other versions, as used by ...) + TODO: check +CVE-2006-5110 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...) + TODO: check +CVE-2006-5109 (Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2006-5108 (Multiple cross-site scripting (XSS) vulnerabilities in Devellion ...) + TODO: check +CVE-2006-5107 (Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x ...) + TODO: check +CVE-2006-5106 (Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 ...) + TODO: check +CVE-2006-5105 (Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 ...) + TODO: check +CVE-2006-5104 (SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x ...) + TODO: check +CVE-2006-5103 (PHP remote file inclusion vulnerability in index2.php in bbsNew 2.0.1 ...) + TODO: check +CVE-2006-5102 (PHP remote file inclusion vulnerability in include/editfunc.inc.php in ...) + TODO: check +CVE-2006-5101 (PHP remote file inclusion vulnerability in include.php in Comdev CSV ...) + TODO: check +CVE-2006-5100 (PHP remote file inclusion vulnerability in parse/parser.php in ...) + TODO: check CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...) TODO: check CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...) @@ -63,7 +151,7 @@ NOT-FOR-US: eyeOS CVE-2006-5070 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: faceStones Personal -CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in the Indexed Search 2.9.0 ...) +CVE-2006-5069 (Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php ...) TODO: check CVE-2006-5068 (PHP remote file inclusion vulnerability in admin/index.php in ...) NOT-FOR-US: BrudaNews @@ -1533,32 +1621,32 @@ RESERVED CVE-2006-4400 RESERVED -CVE-2006-4399 - RESERVED +CVE-2006-4399 (User interface inconsistency in Workgroup Manager in Apple Mac OS X ...) + TODO: check CVE-2006-4398 RESERVED -CVE-2006-4397 - RESERVED +CVE-2006-4397 (Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 ...) + TODO: check CVE-2006-4396 RESERVED -CVE-2006-4395 - RESERVED -CVE-2006-4394 - RESERVED -CVE-2006-4393 - RESERVED -CVE-2006-4392 - RESERVED -CVE-2006-4391 - RESERVED -CVE-2006-4390 - RESERVED +CVE-2006-4395 (Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X ...) + TODO: check +CVE-2006-4394 (A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, ...) + TODO: check +CVE-2006-4393 (Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 ...) + TODO: check +CVE-2006-4392 (The Mach kernel, as used in operating systems including (1) Mac OS X ...) + TODO: check +CVE-2006-4391 (Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 ...) + TODO: check +CVE-2006-4390 (CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows ...) + TODO: check CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...) NOT-FOR-US: Apple QuickTime CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...) NOT-FOR-US: Apple QuickTime -CVE-2006-4387 - RESERVED +CVE-2006-4387 (Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the ...) + TODO: check CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...) NOT-FOR-US: Apple QuickTime CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...) @@ -2550,7 +2638,7 @@ NOT-FOR-US: php-nuke CVE-2006-3947 (PHP remote file inclusion vulnerability in ...) NOT-FOR-US: Mambatstaff -CVE-2006-3946 (The KHTMLParser::popOneBlock function in Apple Safari 2.0.4 on Mac OS ...) +CVE-2006-3946 (WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote ...) NOT-FOR-US: Apple Safari 2.0.4 NOTE: konqueror 3.5.x is not affected NOTE: PoC http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html