Author: micah Date: 2006-12-06 02:59:32 +0100 (Wed, 06 Dec 2006) New Revision: 5076 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-05 22:26:55 UTC (rev 5075) +++ data/CVE/list 2006-12-06 01:59:32 UTC (rev 5076) @@ -10,15 +10,15 @@ - ruby1.8 1.8.5-4 (low) TODO: check other ruby versions CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Simple PHP Gallery CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP ...) - TODO: check + NOT-FOR-US: Simple PHP Gallery CVE-2006-6271 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 ...) - TODO: check + NOT-FOR-US: PHPOLL CVE-2006-6270 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...) - TODO: check + NOT-FOR-US: ASPMForum CVE-2006-6269 (Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM ...) - TODO: check + NOT-FOR-US: Infinitytechs Restaurants CM CVE-2006-6268 (SQL injection vulnerability in system/core/profile/profile.inc.php in ...) NOT-FOR-US: Neocrome Land Down Under CVE-2006-6267 (PostNuke 0.7.5.0, and certain minor versions, allows remote attackers ...) @@ -36,11 +36,11 @@ NOTE: Potential firewall bypass is inherent to tunneling software. NOTE: Not a bug. CVE-2006-6262 (Directory traversal vulnerability in mboard.php in PHPJunkYard (aka ...) - TODO: check + NOT-FOR-US: PHPJunkYard MBoard CVE-2006-6261 (Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows ...) - TODO: check + NOT-FOR-US: Quintessential Player CVE-2006-6260 (SQL injection vulnerability in login.asp in Redbinaria Sistema ...) - TODO: check + NOT-FOR-US: Redbinaria Sistema Integrado de Administracion de Portales (SIAP) CVE-2006-6259 (Multiple directory traversal vulnerabilities in (a) ...) NOT-FOR-US: AlternC CVE-2006-6258 (The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the ...) @@ -52,17 +52,17 @@ CVE-2006-6255 (Direct static code injection vulnerability in util.php in the NukeAI ...) NOT-FOR-US: NukeAI CVE-2006-6254 (administration/telecharger.php in Cahier de texte 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Cahier de texte CVE-2006-6253 (Cahier de texte 2.0 stores sensitive information under the web root, ...) - TODO: check + NOT-FOR-US: Cahier de texte CVE-2006-6252 (Microsoft Windows Live Messenger 8.0 and earlier, when gestual ...) - TODO: check + NOT-FOR-US: Microsoft Windows Live Messenger CVE-2006-6251 (Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote ...) - TODO: check + NOT-FOR-US: VUPlayer CVE-2006-6250 (Format string vulnerability in Songbird Media Player 0.2 and earlier ...) - TODO: check + NOT-FOR-US: Songbird Media Player CVE-2006-6249 (Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and ...) - TODO: check + NOT-FOR-US: Chama Cargo CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain sensitive ...) TODO: check CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery ...)