thr3ads.net - Secure testing commits - [Secure-testing-commits] r5205

If this information is useful, please help other people find it:
Share via:
Joey Hess
2007-Jan-02 09:14 UTC
[Secure-testing-commits] r5205 - data/CVE

Author: joeyh
Date: 2007-01-02 09:14:25 +0100 (Tue, 02 Jan 2007)
New Revision: 5205

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-12-30 22:56:43 UTC (rev 5204)
+++ data/CVE/list	2007-01-02 08:14:25 UTC (rev 5205)
@@ -1,3 +1,169 @@
+CVE-2007-0015 (Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers
to ...)
+	TODO: check
+CVE-2007-0014
+	RESERVED
+CVE-2007-0013
+	RESERVED
+CVE-2007-0012
+	RESERVED
+CVE-2007-0011
+	RESERVED
+CVE-2006-6836 (Multiple unspecified vulnerabilities in osp-cert in IBM OS/400
V5R3M0 ...)
+	TODO: check
+CVE-2006-6835 (SQL injection vulnerability in Journal.inc.php in Neocrome Land
Down ...)
+	TODO: check
+CVE-2006-6834 (Multiple unspecified vulnerabilities in Joomla! before 1.0.12
have ...)
+	TODO: check
+CVE-2006-6833 (com_categories in Joomla! before 1.0.12 does not validate input,
which ...)
+	TODO: check
+CVE-2006-6832 (Cross-site scripting (XSS) vulnerability in Joomla! before
1.0.12 ...)
+	TODO: check
+CVE-2006-6831 (SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows
remote ...)
+	TODO: check
+CVE-2006-6830 (PHP remote file inclusion vulnerability in b2verifauth.php in b2
Blog ...)
+	TODO: check
+CVE-2006-6829 (Efkan Forum 1.0 and earlier store sensitive information under
the web ...)
+	TODO: check
+CVE-2006-6828 (Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and
earlier ...)
+	TODO: check
+CVE-2006-6827 (Flash8b.ocx in Macromedia Flash 8 allows remote attackers to
cause a ...)
+	TODO: check
+CVE-2006-6826 (Unspecified vulnerability in the tab editor for Personal .NET
Portal ...)
+	TODO: check
+CVE-2006-6825 (Calendar MX BASIC 1.0.2 and earlier store sensitive information
under ...)
+	TODO: check
+CVE-2006-6824 (Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu
and Chad ...)
+	TODO: check
+CVE-2006-6823 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-6822 (myprofile.asp in Enthrallweb eClassifieds does not properly
validate ...)
+	TODO: check
+CVE-2006-6821 (myprofile.asp in Enthrallweb eNews does not properly validate
the ...)
+	TODO: check
+CVE-2006-6820 (myprofile.asp in Enthrallweb eCoupons does not properly validate
the ...)
+	TODO: check
+CVE-2006-6819 (AlstraSoft Web Host Directory stores sensitive information under
the ...)
+	TODO: check
+CVE-2006-6818 (AlstraSoft Web Host Directory allows remote attackers to bypass
...)
+	TODO: check
+CVE-2006-6817 (AlstraSoft Web Host Directory allows remote attackers to obtain
...)
+	TODO: check
+CVE-2006-6816 (Multiple SQL injection vulnerabilities in DMXReady Secure Login
...)
+	TODO: check
+CVE-2006-6815 (Multiple cross-site scripting (XSS) vulnerabilities in DMXReady
Secure ...)
+	TODO: check
+CVE-2006-6814 (Directory traversal vulnerability in
FolderManager/FolderManager.aspx ...)
+	TODO: check
+CVE-2006-6813 (SQL injection vulnerability in detail.asp in Mxmania File Upload
...)
+	TODO: check
+CVE-2006-6812 (Multiple PHP remote file inclusion vulnerabilities in
myPHPCalendar ...)
+	TODO: check
+CVE-2006-6811 (Buffer overflow in KsIRC 1.3.12 allows remote attackers to
execute ...)
+	TODO: check
+CVE-2006-6810 (Unspecified vulnerability in the clear_user_list function in
...)
+	TODO: check
+CVE-2006-6809 (Multiple PHP remote file inclusion vulnerabilities in
process.php in ...)
+	TODO: check
+CVE-2006-6808 (Cross-site scripting (XSS) vulnerability in
wp-admin/templates.php in ...)
+	TODO: check
+CVE-2006-6807 (SQL injection vulnerability in list.asp in Softwebs Nepal (aka
Ananda ...)
+	TODO: check
+CVE-2006-6806 (SQL injection vulnerability in newsdetail.asp in Enthrallweb
eMates ...)
+	TODO: check
+CVE-2006-6805 (SQL injection vulnerability in newsdetail.asp in Enthrallweb
eJobs ...)
+	TODO: check
+CVE-2006-6804 (SQL injection vulnerability in bus_details.asp in Dragon
Business ...)
+	TODO: check
+CVE-2006-6803 (SQL injection vulnerability in Types.asp in Enthrallweb eCars
1.0 ...)
+	TODO: check
+CVE-2006-6802 (SQL injection vulnerability in actualpic.asp in Enthrallweb
ePages ...)
+	TODO: check
+CVE-2006-6801 (PHP remote file inclusion vulnerability in misc.php in SH-News
0.93, ...)
+	TODO: check
+CVE-2006-6800 (PHP remote file inclusion in eventcal/mod_eventcal.php in the
event ...)
+	TODO: check
+CVE-2006-6799 (SQL injection vulnerability in Cacti 0.8.6i and earlier, when
...)
+	TODO: check
+CVE-2006-6798
+	RESERVED
+CVE-2006-6797 (The Client Server Run-Time Subsystem (CSRSS) in Microsoft
Windows ...)
+	TODO: check
+CVE-2006-6796 (PHP remote file inclusion vulnerability in
admin/admin_settings.php in ...)
+	TODO: check
+CVE-2006-6795 (PHP remote file inclusion vulnerability in
gallery/displayCategory.php ...)
+	TODO: check
+CVE-2006-6794 (SQL injection vulnerability in default.asp in Efkan Forum 1.0
allows ...)
+	TODO: check
+CVE-2006-6793 (PHP remote file inclusion vulnerability in ataturk.php in Okul
Merkezi ...)
+	TODO: check
+CVE-2006-6792 (SQL injection vulnerability in calendar_detail.asp in Calendar
MX ...)
+	TODO: check
+CVE-2006-6791 (SQL injection vulnerability in SelGruFra.asp in chatwm 1.0
allows ...)
+	TODO: check
+CVE-2006-6790 (Direct static code injection vulnerability in chat/login.php in
...)
+	TODO: check
+CVE-2006-6789 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-6788 (Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3
allow ...)
+	TODO: check
+CVE-2006-6787 (SQL injection vulnerability in admin/admin_mail_adressee.asp in
...)
+	TODO: check
+CVE-2006-6786 (Open Newsletter 2.5 and earlier allows remote authenticated ...)
+	TODO: check
+CVE-2006-6785 (The admin PHP scripts in Open Newsletter 2.5 and earlier do not
exit ...)
+	TODO: check
+CVE-2006-6784 (SQL injection vulnerability in Netbula Anyboard allows remote
...)
+	TODO: check
+CVE-2006-6783 (Unrestricted file upload vulnerability in logahead UNU 1.0
allows ...)
+	TODO: check
+CVE-2006-6782 (Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28
and ...)
+	TODO: check
+CVE-2006-6781 (HLstats 1.20 through 1.34 allows remote attackers to obtain
sensitive ...)
+	TODO: check
+CVE-2006-6780 (SQL injection vulnerability in the login form in HLstats 1.20
through ...)
+	TODO: check
+CVE-2006-6779 (Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin
allows ...)
+	TODO: check
+CVE-2006-6778 (Cross-site scripting (XSS) vulnerability in shownews.php in
TimberWolf ...)
+	TODO: check
+CVE-2006-6777 (Cross-site scripting (XSS) vulnerability in index.cfm in Future
...)
+	TODO: check
+CVE-2006-6776 (Multiple SQL injection vulnerabilities in Future Internet allow
remote ...)
+	TODO: check
+CVE-2006-6775 (acFTP 1.5 allows remote authenticated users to cause a denial of
...)
+	TODO: check
+CVE-2006-6774 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-6773 (pages/register/register.php in Fishyshoop 0.930 beta allows
remote ...)
+	TODO: check
+CVE-2006-6772 (Format string vulnerability in w3m 0.5.1, when run with the dump
or ...)
+	TODO: check
+CVE-2006-6771 (Multiple PHP remote file inclusion vulnerabilities in Irokez CMS
0.7.1 ...)
+	TODO: check
+CVE-2006-6770 (Multiple PHP remote file inclusion vulnerabilities in Jinzora
Media ...)
+	TODO: check
+CVE-2006-6769 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Live!
3.2.2 ...)
+	TODO: check
+CVE-2005-4822 (SQL injection vulnerability in projects/project-edit.asp in
Digger ...)
+	TODO: check
+CVE-2005-4821 (Multiple SQL injection vulnerabilities in Land Down Under (LDU)
v801 ...)
+	TODO: check
+CVE-2005-4820 (SMC Wireless Router model SMC7904WBRA allows remote attackers to
cause ...)
+	TODO: check
+CVE-2005-4819 (Cross-site scripting (XSS) vulnerability in Lotus Domino
versions ...)
+	TODO: check
+CVE-2005-4818 (Multiple SQL injection vulnerabilities in Copernicus Europa
allow ...)
+	TODO: check
+CVE-2005-4817 (Format string vulnerability in ui.c in Textbased MSN Client
(TMSNC) ...)
+	TODO: check
+CVE-2004-2669 (Multiple SQL injection vulnerabilities in Land Down Under (LDU)
v701 ...)
+	TODO: check
+CVE-2004-2668 (SQL injection vulnerability in Interchange before 4.8.9 allows
remote ...)
+	TODO: check
+CVE-2004-2667 (Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x
before ...)
+	TODO: check
+CVE-2003-1315 (SQL injection vulnerability in auth.php in Land Down Under (LDU)
v601 ...)
+	TODO: check
 CVE-2006-XXXX [cacti "cmd.php" Command Execution and SQL Injection]
 	- cacti <unfixed> (bug #404818)
 CVE-2006-6768 (Multiple cross-site scripting (XSS) vulnerabilities in
default.asp in ...)
@@ -1071,8 +1237,7 @@
 	RESERVED
 CVE-2006-6319
 	RESERVED
-CVE-2006-6318
-	RESERVED
+CVE-2006-6318 (elogd in elog 2.6.2 and earlier allows remote authenticated
users to cause a ...)
 	{DSA-1242-1}
 CVE-2006-6317
 	RESERVED
Secure testing commits - Jan 2007 - r5205 - data/CVE

[Secure-testing-commits] r5205 - data/CVE
