Author: micah
Date: 2006-12-06 02:59:32 +0100 (Wed, 06 Dec 2006)
New Revision: 5076
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-05 22:26:55 UTC (rev 5075)
+++ data/CVE/list 2006-12-06 01:59:32 UTC (rev 5076)
@@ -10,15 +10,15 @@
- ruby1.8 1.8.5-4 (low)
TODO: check other ruby versions
CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers
to ...)
- TODO: check
+ NOT-FOR-US: Simple PHP Gallery
CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in
Simple PHP ...)
- TODO: check
+ NOT-FOR-US: Simple PHP Gallery
CVE-2006-6271 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL
0.96 ...)
- TODO: check
+ NOT-FOR-US: PHPOLL
CVE-2006-6270 (Multiple SQL injection vulnerabilities in ASPMForum allow
remote ...)
- TODO: check
+ NOT-FOR-US: ASPMForum
CVE-2006-6269 (Multiple SQL injection vulnerabilities in Infinitytechs
Restaurants CM ...)
- TODO: check
+ NOT-FOR-US: Infinitytechs Restaurants CM
CVE-2006-6268 (SQL injection vulnerability in
system/core/profile/profile.inc.php in ...)
NOT-FOR-US: Neocrome Land Down Under
CVE-2006-6267 (PostNuke 0.7.5.0, and certain minor versions, allows remote
attackers ...)
@@ -36,11 +36,11 @@
NOTE: Potential firewall bypass is inherent to tunneling software.
NOTE: Not a bug.
CVE-2006-6262 (Directory traversal vulnerability in mboard.php in PHPJunkYard
(aka ...)
- TODO: check
+ NOT-FOR-US: PHPJunkYard MBoard
CVE-2006-6261 (Buffer overflow in Quintessential Player 4.50.1.82 and earlier
allows ...)
- TODO: check
+ NOT-FOR-US: Quintessential Player
CVE-2006-6260 (SQL injection vulnerability in login.asp in Redbinaria Sistema
...)
- TODO: check
+ NOT-FOR-US: Redbinaria Sistema Integrado de Administracion de Portales
(SIAP)
CVE-2006-6259 (Multiple directory traversal vulnerabilities in (a) ...)
NOT-FOR-US: AlternC
CVE-2006-6258 (The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits
the ...)
@@ -52,17 +52,17 @@
CVE-2006-6255 (Direct static code injection vulnerability in util.php in the
NukeAI ...)
NOT-FOR-US: NukeAI
CVE-2006-6254 (administration/telecharger.php in Cahier de texte 2.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Cahier de texte
CVE-2006-6253 (Cahier de texte 2.0 stores sensitive information under the web
root, ...)
- TODO: check
+ NOT-FOR-US: Cahier de texte
CVE-2006-6252 (Microsoft Windows Live Messenger 8.0 and earlier, when gestual
...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Live Messenger
CVE-2006-6251 (Stack-based buffer overflow in VUPlayer 2.44 and earlier allows
remote ...)
- TODO: check
+ NOT-FOR-US: VUPlayer
CVE-2006-6250 (Format string vulnerability in Songbird Media Player 0.2 and
earlier ...)
- TODO: check
+ NOT-FOR-US: Songbird Media Player
CVE-2006-6249 (Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36
and ...)
- TODO: check
+ NOT-FOR-US: Chama Cargo
CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain
sensitive ...)
TODO: check
CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication
UPhotoGallery ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
