author: Joey Hess <joeyh@debian.org> 2006-09-13 09:14:40 +0000
committer: Joey Hess <joeyh@debian.org> 2006-09-13 09:14:40 +0000
commit: 4117764403c291fb4ce5b373c3743fd0f5c2c85b
tree: 6736393b6e59c9010d9c1894418f1eb160a5544d
parent: bca3a5d85491447ae28dad40bf6ff3b2f48a1bcf
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@4724 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- data/CVE/2001.list 2
-rw-r--r-- data/CVE/2002.list 8
-rw-r--r-- data/CVE/2003.list 8
-rw-r--r-- data/CVE/2004.list 54
-rw-r--r-- data/CVE/2005.list 88
-rw-r--r-- data/CVE/2006.list 298
6 files changed, 339 insertions, 119 deletions
diff --git a/data/CVE/2001.list b/data/CVE/2001.list
index 27aed5deda..a72bf34910 100644
--- a/data/CVE/2001.list
+++ b/data/CVE/2001.list
@@ -239,7 +239,7 @@ CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...)
NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol
-CVE-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...)
+CVE-2001-1468 (PHP remote file inclusion vulnerability in checklogin.php in ...)
NOT-FOR-US: phpSecurePages
CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...)
- expect <not-affected> (in expect 5.42.1, mkpasswd does not seed by pid)
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index f7702a6d78..fa533d750b 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,3 +1,5 @@
+CVE-2002-2217 (Multiple PHP remote file inclusion vulnerabilities in Web Server ...)
+ TODO: check
CVE-2002-2216 (Soft3304 04WebServer before 1.20 does not properly process URL ...)
NOT-FOR-US: 04WebServer
CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before ...)
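Review bot: CVE-2002-2217 is added with only "TODO: check", and its truncated summary ("... vulnerabilities in Web Server ...") does not show the affected product, so the entry cannot be triaged from this line alone. It needs a follow-up that resolves it to either a "NOT-FOR-US: <product>" tag or a package line, as the neighbouring entries have.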
@@ -690,11 +692,11 @@ CVE-2002-1889 (Off-by-one buffer overflow in the context_action function in cont
NOT-FOR-US: Logsurfer
CVE-2002-1888 (CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to ...)
NOT-FOR-US: CommonName Toolbar
-CVE-2002-1887 (PHP remote code injection vulnerability in customize.php for ...)
+CVE-2002-1887 (PHP remote file inclusion vulnerability in customize.php for ...)
NOT-FOR-US: phpMyNewsletter
CVE-2002-1886 (TightAuction 3.0 stores config.inc under the web document root with ...)
NOT-FOR-US: TightAuction
-CVE-2002-1885 (PHP remote code injection vulnerability in showhits.php3 for ...)
+CVE-2002-1885 (PHP remote file inclusion vulnerability in showhits.php3 for ...)
NOT-FOR-US: PPhlogger
CVE-2002-1884 (index.php in Py-Membres 3.1 allows remote attackers to log in as an ...)
NOT-FOR-US: Py-Membres
@@ -708,7 +710,7 @@ CVE-2002-1880 (LokwaBB 1.2.2 allows remote attackers to read arbitrary messages
NOT-FOR-US: LokwaBB
CVE-2002-1879 (SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers ...)
NOT-FOR-US: LokwaBB
-CVE-2002-1878 (PHP remote code injection vulnerability in w-Agora 4.1.3 allows remote ...)
+CVE-2002-1878 (PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote ...)
NOT-FOR-US: w-Agora
CVE-2002-1877 (NETGEAR FM114P allows remote attackers to bypass access restrictions ...)
NOT-FOR-US: Netgear hardware
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index a2f828497c..fbe5a038f3 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -263,7 +263,7 @@ CVE-2003-1181 (Advanced Poll 2.0.2 allows remote attackers to obtain sensitive .
NOT-FOR-US: Advanced Poll
CVE-2003-1180 (Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote ...)
NOT-FOR-US: Advanced Poll
-CVE-2003-1179 (Multiple PHP remote code injection vulnerabilities in Advanced Poll ...)
+CVE-2003-1179 (Multiple PHP remote file inclusion vulnerabilities in Advanced Poll ...)
NOT-FOR-US: Advanced Poll
CVE-2003-1178 (comments.php in Advanced Poll 2.0.2 allows remote attackers to execute ...)
NOT-FOR-US: Advanced Poll
@@ -323,7 +323,7 @@ CVE-2003-1150 (Buffer overflow in the portmapper service (PMAP.NLM) in Novell Ne
NOT-FOR-US: Novell portmapper
CVE-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton Internet ...)
NOT-FOR-US: Symantec Norton Internet Security
-CVE-2003-1148 (PHP remote code injection vulnerability in (1) config.inc.php and (2) ...)
+CVE-2003-1148 (PHP remote file inclusion vulnerability in (1) config.inc.php and (2) ...)
NOT-FOR-US: Les Visiteurs
CVE-2003-1147
REJECTED
@@ -357,7 +357,7 @@ CVE-2003-1133 (Rit Research Labs The Bat! 1.0.11 through 2.0 creates new account
NOT-FOR-US: The Bat!
CVE-2003-1132 (The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, ...)
NOT-FOR-US: Cisco
-CVE-2003-1131 (PHP remote code injection vulnerability in index.php in ...)
+CVE-2003-1131 (PHP remote file inclusion vulnerability in index.php in ...)
NOT-FOR-US: ActiveCampaign KnowledgeBuilder
CVE-2003-1130
REJECTED
@@ -447,7 +447,7 @@ CVE-2003-1088 (Cross-site scripting (XSS) vulnerability in index.php for Zorum 3
NOT-FOR-US: Zorum
CVE-2003-1087 (Unknown vulnerability in diagmond and possibly other applications in ...)
NOT-FOR-US: diagmond on HP-UX
-CVE-2003-1086 (PHP remote code injection vulnerability in pm/lib.inc.php in pMachine ...)
+CVE-2003-1086 (PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine ...)
NOT-FOR-US: pMachine
CVE-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...)
NOT-FOR-US: Thomson cable modem
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 7d180bc723..bd09879586 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -1295,7 +1295,7 @@ CVE-2004-2043 (Buffer overflow in ibserver for Firebird Database 1.0 and other .
- firebird2 1.5.3.4870-3 (bug #357580)
CVE-2004-2042 (Multiple SQL injection vulnerabilities in e107 0.615 allow remote ...)
NOT-FOR-US: no_package
-CVE-2004-2041 (PHP remote code injection vulnerability in secure_img_render.php in ...)
+CVE-2004-2041 (PHP remote file inclusion vulnerability in secure_img_render.php in ...)
NOT-FOR-US: no_package
CVE-2004-2040 (Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 ...)
NOT-FOR-US: no_package
@@ -1341,7 +1341,7 @@ CVE-2004-2020 (Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6
NOT-FOR-US: php-nuke
CVE-2004-2019 (The WebLinks module in Php-Nuke 6.x through 7.3 allows remote ...)
NOT-FOR-US: php-nuke
-CVE-2004-2018 (PHP remote code injection vulnerability in index.php in Php-Nuke 6.x ...)
+CVE-2004-2018 (PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x ...)
NOT-FOR-US: php-nuke
CVE-2004-2017 (Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic ...)
NOT-FOR-US: Turbo Traffic Trader C (TTT-C)
@@ -1357,7 +1357,7 @@ CVE-2004-2012 (The systrace_exit function in the systrace utility for NetBSD-cur
NOT-FOR-US: NetBSD
CVE-2004-2011 (msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to ...)
NOT-FOR-US: MSIE
-CVE-2004-2010 (PHP remote code injection vulnerability in index.php in phpShop 0.7.1 ...)
+CVE-2004-2010 (PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 ...)
NOT-FOR-US: phpShop
CVE-2004-2009 (NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full ...)
NOT-FOR-US: NukeJokes
@@ -1399,9 +1399,9 @@ CVE-2004-1991 (Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5
NOT-FOR-US: aweb
CVE-2004-1990 (Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive ...)
NOT-FOR-US: aweb
-CVE-2004-1989 (PHP remote code injection vulnerability in theme.php in Coppermine ...)
+CVE-2004-1989 (PHP remote file inclusion vulnerability in theme.php in Coppermine ...)
NOT-FOR-US: Coppermine
-CVE-2004-1988 (PHP remote code injection vulnerability in init.inc.php in Coppermine ...)
+CVE-2004-1988 (PHP remote file inclusion vulnerability in init.inc.php in Coppermine ...)
NOT-FOR-US: Coppermine
CVE-2004-1987 (picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 ...)
NOT-FOR-US: Coppermine
@@ -1491,7 +1491,7 @@ CVE-2004-1945 (Buffer overflow in Kinesphere eXchange POP3 allows remote attacke
NOT-FOR-US: Kinesphere eXchange POP3
CVE-2004-1944 (Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a ...)
NOT-FOR-US: Eudora
-CVE-2004-1943 (PHP remote code injection vulnerability in album_portal.php in phpBB ...)
+CVE-2004-1943 (PHP remote file inclusion vulnerability in album_portal.php in phpBB ...)
NOT-FOR-US: phpbb as modified by przemo
CVE-2004-1942 (The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 ...)
NOT-FOR-US: Solaris
@@ -1509,7 +1509,7 @@ CVE-2004-1936 (ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remo
NOT-FOR-US: ZoneAlarm
CVE-2004-1935 (Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows ...)
NOT-FOR-US: SCT Campus Pipeline
-CVE-2004-1934 (PHP remote code injection vulnerability in affich.php in Gemitel 3.50 ...)
+CVE-2004-1934 (PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 ...)
NOT-FOR-US: Gemitel
CVE-2004-1933 (Citadel/UX 5.00 through 6.14 installs the database directory and files ...)
NOT-FOR-US: Citadel
@@ -1735,7 +1735,7 @@ CVE-2004-1822 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1
NOT-FOR-US: no_package
CVE-2004-1821 (SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through ...)
NOT-FOR-US: no_package
-CVE-2004-1820 (PHP remote code injection vulnerability in displaycategory.php in ...)
+CVE-2004-1820 (PHP remote file inclusion vulnerability in displaycategory.php in ...)
NOT-FOR-US: no_package
CVE-2004-1819 (4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...)
NOT-FOR-US: no_package
@@ -1783,7 +1783,7 @@ CVE-2004-1798 (RealOne player 6.0.11.868 allows remote attackers to execute arbi
NOT-FOR-US: no_package
CVE-2004-1797 (Cross-site scripting (XSS) vulnerability in search.php for FreznoShop ...)
NOT-FOR-US: no_package
-CVE-2004-1796 (PHP remote code injection vulnerability in HotNews 0.7.2 and earlier ...)
+CVE-2004-1796 (PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier ...)
NOT-FOR-US: no_package
CVE-2004-1795 (Info Touch Surfnet kiosk allows local users to access the underlying ...)
NOT-FOR-US: no_package
@@ -1911,7 +1911,7 @@ CVE-2004-1736 (Cacti 0.8.5a allows remote attackers to gain sensitive informatio
- cacti 0.8.5a-5
CVE-2004-1735 (Cross-site scripting (XSS) vulnerability in the create list option in ...)
- sympa 4.1.5-4 (bug #298105; low)
-CVE-2004-1734 (PHP remote code injection vulnerability in Mantis 0.19.0a allows ...)
+CVE-2004-1734 (PHP remote file inclusion vulnerability in Mantis 0.19.0a allows ...)
- mantis 0.19.2-1
CVE-2004-1733 (Directory traversal vulnerability in MyDMS 1.4.2 and other versions ...)
NOT-FOR-US: MyDMS
@@ -1995,7 +1995,7 @@ CVE-2004-1695 (EmuLive Server4 Commerce Edition Build 7560 allows remote attacke
NOT-FOR-US: EmuLive Server4
CVE-2004-1694 (Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default ...)
NOT-FOR-US: Symantec
-CVE-2004-1693 (PHP remote code injection vulnerability in Function.php in Mambo 4.5 ...)
+CVE-2004-1693 (PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 ...)
NOT-FOR-US: Mambo
CVE-2004-1692 (Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 ...)
NOT-FOR-US: Mambo
@@ -2061,7 +2061,7 @@ CVE-2004-1662 (YaBB SE 1.5.1 allows remote attackers to obtain sensitive informa
NOT-FOR-US: YaBB
CVE-2004-1661 (MailWorks Professional allows remote attackers to bypass ...)
NOT-FOR-US: MailWorks
-CVE-2004-1660 (PHP remote code injection vulnerability in CuteNews 1.3.6 and earlier ...)
+CVE-2004-1660 (PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier ...)
NOT-FOR-US: CuteNews
CVE-2004-1659 (Cross-site scripting (XSS) vulnerability in index.php in CuteNews ...)
NOT-FOR-US: CuteNews
@@ -2212,7 +2212,7 @@ CVE-2004-1594 (Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows r
NOT-FOR-US: FuseTalk
CVE-2004-1593 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: SCT email client
-CVE-2004-1592 (PHP remote code injection vulnerability in index.php in ocPortal 1.0.3 ...)
+CVE-2004-1592 (PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 ...)
NOT-FOR-US: ocPortal
CVE-2004-1591 (The web interface for Micronet Wireless Broadband Router SP916BM ...)
NOT-FOR-US: Micronet Wireless Router
@@ -2232,7 +2232,7 @@ CVE-2004-1584 (CRLF injection vulnerability in wp-login.php in WordPress 1.2 all
- wordpress 1.2.1-1.1
CVE-2004-1583 (Directory traversal vulnerability in the FTP server in TriDComm 1.3 ...)
NOT-FOR-US: FTP server in TriDComm
-CVE-2004-1582 (PHP remote code injection vulnerability in BlackBoard 1.5.1 allows ...)
+CVE-2004-1582 (PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows ...)
NOT-FOR-US: BlackBoard
CVE-2004-1581 (BlackBoard 1.5.1 allows remote attackers to gains sensitive ...)
NOT-FOR-US: BlackBoard
@@ -2291,7 +2291,7 @@ CVE-2004-1556 (MyWebServer 1.0.3 allows remote attackers to cause a denial of se
NOT-FOR-US: MyWebServer
CVE-2004-1555 (Multiple SQL injection vulnerabilities in BroadBoard Instant ASP ...)
NOT-FOR-US: BroadBoard Instant ASP Message Board
-CVE-2004-1554 (PHP remote code injection vulnerability in livre_include.php in @lex ...)
+CVE-2004-1554 (PHP remote file inclusion vulnerability in livre_include.php in @lex ...)
NOT-FOR-US: @lex GuestBook
CVE-2004-1553 (SQL injection vulnerability in aspWebAlbum allows remote attackers to ...)
NOT-FOR-US: aspWebAlbum
@@ -2329,7 +2329,7 @@ CVE-2004-1537 (Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1
NOT-FOR-US: PHPKIT
CVE-2004-1536 (SQL injection vulnerability in index.php in the ibProArcade module for ...)
NOT-FOR-US: Invision Power Board
-CVE-2004-1535 (PHP remote code injection vulnerability in admin_cash.php for the Cash ...)
+CVE-2004-1535 (PHP remote file inclusion vulnerability in admin_cash.php for the Cash ...)
NOT-FOR-US: Cash Mod module of phpbb2
CVE-2004-1534 (ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, ...)
NOT-FOR-US: ZoneAlarm
@@ -2559,7 +2559,7 @@ CVE-2004-1429 (ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of tim
NOT-FOR-US: ArGoSoft
CVE-2004-1428 (ArGoSoft FTP before 1.4.2.1 generates an error message if the user ...)
NOT-FOR-US: ArGoSoft
-CVE-2004-1427 (PHP remote code injection vulnerability in main.inc in KorWeblog ...)
+CVE-2004-1427 (PHP remote file inclusion vulnerability in main.inc in KorWeblog ...)
NOT-FOR-US: KorWeblog
CVE-2004-1426 (Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs ...)
NOT-FOR-US: KorWeblog
@@ -2567,15 +2567,15 @@ CVE-2004-1425 (Directory traversal vulnerability in file.php in Moodle 1.4.2 and
- moodle 1.4.3-1
CVE-2004-1424 (Cross-site scripting (XSS) vulnerability in Moodle 1.4.2 and earlier ...)
- moodle 1.4.3-1
-CVE-2004-1423 (Multiple PHP remote code injection vulnerabilities in (1) calendar.php ...)
+CVE-2004-1423 (Multiple PHP remote file inclusion vulnerabilities in (1) calendar.php ...)
NOT-FOR-US: PHP-Calendar
CVE-2004-1422 (WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1421 (Multiple PHP remote code injection vulnerabilities (1) step_one.php, ...)
+CVE-2004-1421 (Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, ...)
NOT-FOR-US: WHM AutoPilot
CVE-2004-1420 (Multiple cross-site scripting (XSS) vulnerabilities in header.php in ...)
NOT-FOR-US: WHM AutoPilot
-CVE-2004-1419 (PHP remote code injection vulnerability in ZeroBoard 4.1pl4 and ...)
+CVE-2004-1419 (PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and ...)
NOT-FOR-US: ZeroBoard
CVE-2004-1418 (Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and ...)
NOT-FOR-US: WPKontakt
@@ -2607,7 +2607,7 @@ CVE-2004-1405 (MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does
- mediawiki 1.4.9 (bug #276057)
CVE-2004-1404 (Attachment Mod 2.3.10 module for phpBB, when used with Apache ...)
NOT-FOR-US: Attachment Mod for phpBB
-CVE-2004-1403 (PHP remote code injection vulnerability in index.php in GNUBoard 3.39 ...)
+CVE-2004-1403 (PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 ...)
NOT-FOR-US: GNUBoard
CVE-2004-1402 (SQL injection vulnerability in iWebNegar allows remote attackers to ...)
NOT-FOR-US: iWebNegar
@@ -3310,7 +3310,7 @@ CVE-2004-1096 (Archive::Zip Perl module before 1.14, when used by antivirus prog
CVE-2004-1095 (Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) ...)
{DSA-608-1}
- zgv 5.7-1.3 (bug #284124)
-CVE-2004-1094 (Buffer overflow in a third-party compression library, InnerMedia ...)
+CVE-2004-1094 (Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version ...)
NOT-FOR-US: RealPlayer
CVE-2004-1093 (Midnight commander (mc) 4.5.55 and earlier allows remote attackers to ...)
{DSA-639-1}
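Review bot: For CVE-2004-1094 the regenerated summary now leads with "InnerMedia DynaZip DUNZIP32.dll", but the unchanged triage line still reads "NOT-FOR-US: RealPlayer". The old summary called it a "third-party compression library", so the tag names one consumer rather than the flawed component. Consider naming DynaZip in the NOT-FOR-US reason (or both) so the exclusion matches the description.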
@@ -4546,7 +4546,7 @@ CVE-2004-0626 (The tcp_find_option function of the netfilter subsystem in Linux
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8)
CVE-2004-0625 (SQL injection vulnerability in Infinity WEB 1.0 allows remote ...)
NOT-FOR-US: Infinity WEB
-CVE-2004-0624 (PHP remote code injection vulnerability in index.php for Artmedic ...)
+CVE-2004-0624 (PHP remote file inclusion vulnerability in index.php for Artmedic ...)
NOT-FOR-US: Artmedic links
CVE-2004-0623 (Format string vulnerability in misc.c in GNU GNATS 4.00 may allow ...)
{DSA-590-1}
@@ -5323,7 +5323,7 @@ CVE-2004-0287 (Xlight FTP server 1.52 allows remote authenticated users to cause
NOT-FOR-US: Xlight FTP server 1.52;
CVE-2004-0286 (Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote ...)
NOT-FOR-US: RobotFTP;
-CVE-2004-0285 (PHP remote code injection vulnerabilities in (1) AllMyVisitors, (2) ...)
+CVE-2004-0285 (PHP remote file inclusion vulnerabilities in (1) AllMyVisitors, (2) ...)
NOT-FOR-US: PHP scripts
CVE-2004-0284 (Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow ...)
NOT-FOR-US: MSIE bugs
@@ -5610,7 +5610,7 @@ CVE-2004-0134 (cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain
CVE-2004-0133 (The XFS file system code in Linux 2.4.x has an information leak in ...)
- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-rc2)
TODO: Check 2.6
-CVE-2004-0132 (Multiple PHP remote code injection vulnerabilities in ezContents 2.0.2 ...)
+CVE-2004-0132 (Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 ...)
NOT-FOR-US: ezContents
CVE-2004-0130 (login.php in phpGedView 2.65 and earlier allows remote attackers to ...)
NOT-FOR-US: phpGedView
@@ -5698,7 +5698,7 @@ CVE-2004-0076
REJECTED
CVE-2004-0074 (Multiple buffer overflows in xsok 1.02 allows local users to gain ...)
- xsok <not-affected> (Not vulnerable. See bug #278777)
-CVE-2004-0073 (PHP remote code injection vulnerability in (1) config.php and (2) ...)
+CVE-2004-0073 (PHP remote file inclusion vulnerability in (1) config.php and (2) ...)
NOT-FOR-US: EasyDynamicPages
CVE-2004-0072 (Directory traversal vulnerability in Accipiter Direct Server 6.0 ...)
NOT-FOR-US: Accipiter Direct Server 6.0
@@ -5768,7 +5768,7 @@ CVE-2004-0037 (FirstClass Desktop Client 7.1 allows remote attackers to execute
NOT-FOR-US: FistClass Desktop Client
CVE-2004-0034 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 ...)
NOT-FOR-US: Phorum
-CVE-2004-0030 (PHP remote code injection vulnerability in (1) functions.php, (2) ...)
+CVE-2004-0030 (PHP remote file inclusion vulnerability in (1) functions.php, (2) ...)
NOT-FOR-US: PHPGEDVIEW
CVE-2004-0029 (Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration ...)
NOT-FOR-US: Lotus Notes Domino
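Review bot: The context line "NOT-FOR-US: FistClass Desktop Client" under CVE-2004-0037 misspells the product that the summary gives as "FirstClass Desktop Client". The changed entry's tag, "NOT-FOR-US: PHPGEDVIEW", is also cased differently from the "phpGedView" tag used for CVE-2004-0130 in this same file. Normalising both would keep searches on the NOT-FOR-US reason reliable.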
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 2ae61301fc..6d3ed566cf 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -35,7 +35,7 @@ CVE-2005-4805 (Unspecified vulnerability in Sun Java System Application Server 7
NOT-FOR-US: Sun Java System Application Server
CVE-2005-4804 (Unspecified vulnerability in Sun Java System Application Server ...)
NOT-FOR-US: Sun Java System Application Server
-CVE-2005-1755 (PHP remote code injection vulnerability in poll_vote.php in PHP Poll ...)
+CVE-2005-1755 (PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll ...)
NOT-FOR-US: PHP Poll Creator
CVE-2005-1754 (JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, ...)
NOT-FOR-US: JavaMail API
@@ -4751,7 +4751,7 @@ CVE-2005-2795
CVE-2005-2794 (store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to ...)
{DSA-809-3 DSA-809-1}
- squid 2.5.10-5 (medium)
-CVE-2005-2793 (PHP remote code injection vulnerability in welcome.php in phpLDAPadmin ...)
+CVE-2005-2793 (PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin ...)
[sarge] - phpldapadmin <not-affected> (code not present in sarge)
- phpldapadmin 0.9.6c-7 (bug #325785; medium)
- egroupware <not-affected> (copy included is older and not vulnerable; bug #339583)
@@ -6730,7 +6730,7 @@ CVE-2005-1998 (Directory traversal vulnerability in admin.php in McGallery 1.1 a
NOT-FOR-US: McGallery
CVE-2005-1997 (show.php in McGallery 1.1 allows remote attackers to connect to ...)
NOT-FOR-US: McGallery
-CVE-2005-1996 (PHP remote code injection vulnerability in start.php in Bitrix Site ...)
+CVE-2005-1996 (PHP remote file inclusion vulnerability in start.php in Bitrix Site ...)
NOT-FOR-US: Bitrix Site Manager
CVE-2005-1995 (Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Bitrix Site Manager
@@ -6795,9 +6795,9 @@ CVE-2005-1967 (Multiple SQL injection vulnerabilities in ProductCart Ecommerce b
NOT-FOR-US: ProductCart Ecommerce
CVE-2005-1966 (The eTrace_validaddr function in eTrace plugin for e107 portal allows ...)
NOT-FOR-US: e107
-CVE-2005-1965 (PHP remote code injection vulnerability in siteframe.php for Broadpool ...)
+CVE-2005-1965 (PHP remote file inclusion vulnerability in siteframe.php for Broadpool ...)
NOT-FOR-US: Broadpool Siteframe
-CVE-2005-1964 (PHP remote code injection vulnerability in utilit.php for Ovidentia ...)
+CVE-2005-1964 (PHP remote file inclusion vulnerability in utilit.php for Ovidentia ...)
NOT-FOR-US: Ovidentia Portal
CVE-2005-1963 (Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: Cerberus Helpdesk
@@ -6978,7 +6978,7 @@ CVE-2005-1884 (Directory traversal vulnerability in the (1) rmdir or (2) mkdir .
NOT-FOR-US: YaPiG
CVE-2005-1883 (global.php in YaPiG 0.92b allows remote attackers to include arbitrary ...)
NOT-FOR-US: YaPiG
-CVE-2005-1882 (PHP remote code injection vulnerability in last_gallery.php in YaPiG ...)
+CVE-2005-1882 (PHP remote file inclusion vulnerability in last_gallery.php in YaPiG ...)
NOT-FOR-US: YaPiG
CVE-2005-1881 (upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict ...)
NOT-FOR-US: YaPiG
@@ -7002,9 +7002,9 @@ CVE-2005-1872 (Buffer overflow in the administrative console in IBM WebSphere ..
NOT-FOR-US: WebSphere
CVE-2005-1871 (Unknown vulnerability in the privilege system in Drupal 4.4.0 through ...)
- drupal 4.5.3-1
-CVE-2005-1870 (PHP remote code injection vulnerability in childwindow.inc.php in ...)
+CVE-2005-1870 (PHP remote file inclusion vulnerability in childwindow.inc.php in ...)
NOT-FOR-US: Popper
-CVE-2005-1869 (PHP remote code injection vulnerability in start_lobby.php in MWChat ...)
+CVE-2005-1869 (PHP remote file inclusion vulnerability in start_lobby.php in MWChat ...)
NOT-FOR-US: MWChat
CVE-2005-1868 (I-Man 0.9, and possibly earlier versions, allows remote attackers to ...)
NOT-FOR-US: I-Man
@@ -7014,7 +7014,7 @@ CVE-2005-1866 (Cross-site scripting (XSS) vulnerability in calendar.php in Calen
NOT-FOR-US: Calendarix
CVE-2005-1865 (Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 ...)
NOT-FOR-US: Calendarix
-CVE-2005-1864 (PHP remote code injection vulnerability in cal_admintop.php in ...)
+CVE-2005-1864 (PHP remote file inclusion vulnerability in cal_admintop.php in ...)
NOT-FOR-US: Calendarix
CVE-2005-1863
RESERVED
@@ -7129,7 +7129,7 @@ CVE-2005-1823 (Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam
NOT-FOR-US: Qualiteam X-Cart
CVE-2005-1822 (Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow ...)
NOT-FOR-US: Qualiteam X-Cart
-CVE-2005-1821 (PHP remote code injection vulnerability in pdl_header.inc.php in ...)
+CVE-2005-1821 (PHP remote file inclusion vulnerability in pdl_header.inc.php in ...)
NOT-FOR-US: PowerDownload
CVE-2005-1820 (zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote ...)
NOT-FOR-US: Zeroboard
@@ -7784,7 +7784,7 @@ CVE-2005-1528 (Untrusted search path vulnerability in the crttrap command in QNX
CVE-2005-1527 (Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, ...)
{DSA-892-1}
- awstats 6.4-1.1 (bug #322591; bug #334833; bug #336137; medium)
-CVE-2005-1526 (PHP file inclusion vulnerability in config_settings.php in Cacti ...)
+CVE-2005-1526 (PHP remote file inclusion vulnerability in config_settings.php in ...)
{DSA-764-1}
- cacti 0.8.6e-1 (bug #315703; high)
CVE-2005-1525 (SQL injection vulnerability in config_settings.php for Cacti before ...)
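Review bot: On CVE-2005-1526 the new summary is truncated before the product name ("... in config_settings.php in ..."), where the old line still showed "Cacti". The "- cacti 0.8.6e-1" package line still identifies the product, so tracking is unaffected, but a search of the descriptions for Cacti will no longer match this entry. It is worth confirming that any tooling keys on the package field rather than the summary text. This is also the one visible entry whose old wording was "file inclusion" rather than "remote code injection", so the change here is a reclassification to remote rather than a pure rename.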
@@ -8011,7 +8011,7 @@ CVE-2005-1449 (Unknown vulnerability in serendipity_config_local.inc.php for ...
- serendipity 1.0-1
CVE-2005-1448 (Cross-site scripting (XSS) vulnerability in the BBCode plugin for ...)
- serendipity 1.0-1
-CVE-2005-1447 (PHP remote code injection vulnerability in main.php in SitePanel 2.6.1 ...)
+CVE-2005-1447 (PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 ...)
NOT-FOR-US: SitePanel
CVE-2005-1446 (SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to ...)
NOT-FOR-US: SitePanel
@@ -8029,7 +8029,7 @@ CVE-2005-1440 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop
NOT-FOR-US: ViArt Shop
CVE-2005-1439 (Directory traversal vulnerability in attachments.php in osTicket ...)
NOT-FOR-US: osTicket
-CVE-2005-1438 (PHP remote code injection vulnerability in main.php in osTicket allows ...)
+CVE-2005-1438 (PHP remote file inclusion vulnerability in main.php in osTicket allows ...)
NOT-FOR-US: osTicket
CVE-2005-1437 (Multiple SQL injection vulnerabilities in osTicket allow remote ...)
NOT-FOR-US: osTicket
@@ -8153,7 +8153,7 @@ CVE-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on .
- lam <not-affected> (Mandrake specific packaging flaw)
CVE-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module ...)
NOT-FOR-US: phpbb mod
-CVE-2005-1377 (Multiple PHP remote code injection vulnerabilities in Claroline 1.5.3 ...)
+CVE-2005-1377 (Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 ...)
NOT-FOR-US: Claroline
CVE-2005-1376 (Multiple directory traversal vulnerabilities in (1) document.php or ...)
NOT-FOR-US: Claroline
@@ -8195,7 +8195,7 @@ CVE-2005-1362 (Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal
NOT-FOR-US: MetaCart
CVE-2005-1361 (Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow ...)
NOT-FOR-US: MetaCart
-CVE-2005-1360 (PHP remote code injection vulnerability in error.php in GrayCMS 1.1 ...)
+CVE-2005-1360 (PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 ...)
NOT-FOR-US: GrayCMS
CVE-2005-1359 (Cross-site scripting (XSS) vulnerability in text.cgi script allows ...)
NOT-FOR-US: text.cgi
@@ -8296,7 +8296,7 @@ CVE-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith modul
- kronolith 1.1.4-1
CVE-2005-1313 (Cross-site scripting (XSS) vulnerability in Horde Passwd module before ...)
- sork-passwd 2.2.2-1
-CVE-2005-1312 (PHP remote code injection vulnerability in Yappa-NG before 2.3.2 ...)
+CVE-2005-1312 (PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 ...)
NOT-FOR-US: Yappa-NG
CVE-2005-1311 (Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 ...)
NOT-FOR-US: Yappa-NG
@@ -8544,7 +8544,7 @@ CVE-2005-1202 (Multiple cross-site scripting (XSS) vulnerabilities in eGroupware
- egroupware 1.0.0.007-2.dfsg-1
CVE-2005-1201 (Multiple directory traversal vulnerabilities in AZ Bulletin board ...)
NOT-FOR-US: AZbb
-CVE-2005-1200 (PHP remote code injection vulnerability in main_index.php in AZ ...)
+CVE-2005-1200 (PHP remote file inclusion vulnerability in main_index.php in AZ ...)
NOT-FOR-US: AZbb
CVE-2005-1199 (SQL injection vulnerability in printthread.php in UBB.Threads allows ...)
NOT-FOR-US: UBB.threads
@@ -8735,7 +8735,7 @@ CVE-2005-1119 (Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbit
NOTE: That's a policy violation, but not a security problem
CVE-2005-1118 (Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the ...)
NOT-FOR-US: RSA authentication agent
-CVE-2005-1117 (PHP remote code injection vulnerability in index.php in ...)
+CVE-2005-1117 (PHP remote file inclusion vulnerability in index.php in ...)
NOT-FOR-US: All4WWW Homepage creator
CVE-2005-1116 (Cross-site scripting (XSS) vulnerability in the Calendar module for ...)
NOT-FOR-US: phpbb2 calendar addon
@@ -8871,7 +8871,7 @@ CVE-2005-1056 (Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6
NOT-FOR-US: HP OpenView Network Node Manager
CVE-2005-1055 (TowerBlog 0.6 and earlier stores the login data file under the web ...)
NOT-FOR-US: TowerBlog
-CVE-2005-1054 (PHP remote code injection vulnerability in news.php in ModernBill ...)
+CVE-2005-1054 (PHP remote file inclusion vulnerability in news.php in ModernBill ...)
NOT-FOR-US: ModernBill
CVE-2005-1053 (Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ...)
NOT-FOR-US: ModernBill
@@ -9041,7 +9041,7 @@ CVE-2005-0982 (Multiple cross-site scripting (XSS) vulnerabilities in Yet Anothe
NOT-FOR-US: Yet Another Forum.net
CVE-2005-0981 (Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay ...)
NOT-FOR-US: Alstrasoft EPay
-CVE-2005-0980 (PHP remote code injection vulnerability in index.php in AlstraSoft ...)
+CVE-2005-0980 (PHP remote file inclusion vulnerability in index.php in AlstraSoft ...)
NOT-FOR-US: Alstrasoft EPay
CVE-2005-0979 (Multiple buffer overflows in RUMBA 7.3 and earlier allow remote ...)
NOT-FOR-US: Rumba
@@ -9154,7 +9154,7 @@ CVE-2005-0933 (Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.
NOT-FOR-US: phpCOIN
CVE-2005-0932 (Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier ...)
NOT-FOR-US: phpCOIN
-CVE-2005-0931 (PHP remote code injection vulnerability in The Includer 1.0 and 1.1 ...)
+CVE-2005-0931 (PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 ...)
NOT-FOR-US: The Includer
CVE-2005-0930 (Cross-site scripting (XSS) vulnerability in message.php in Chatness ...)
NOT-FOR-US: Chatness
@@ -9183,7 +9183,7 @@ CVE-2005-0919 (Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to i
NOT-FOR-US: Adventia E-Data
CVE-2005-0918 (The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, ...)
NOT-FOR-US: Adobe SVG Viewer
-CVE-2005-0917 (PHP remote code injection vulnerability in index_header.php for ...)
+CVE-2005-0917 (PHP remote file inclusion vulnerability in index_header.php for ...)
NOT-FOR-US: EncapsBB
CVE-2005-0916 (AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with ...)
- kernel-source-2.6.8 2.6.8-16
@@ -9202,7 +9202,7 @@ CVE-2005-0911 (Multiple SQL injection vulnerabilities in exoops may allow remote
NOT-FOR-US: exoops
CVE-2005-0910 (Multiple cross-site scripting (XSS) vulnerabilities in exoops allow ...)
NOT-FOR-US: exoops
-CVE-2005-0909 (PHP remote code injection vulnerability in shoutact.php for TKai's ...)
+CVE-2005-0909 (PHP remote file inclusion vulnerability in shoutact.php for TKai's ...)
NOT-FOR-US: THai's Shoutbox
CVE-2005-0908 (Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft ...)
NOT-FOR-US: Valdersoft Shopping Cart
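Review bot: The tag under CVE-2005-0909 reads "NOT-FOR-US: THai's Shoutbox" while the summary on the changed line names the product as "TKai's ...". The tag looks like a typo and should be corrected to match the summary, since the NOT-FOR-US reason is what reviewers search when a product name comes up again.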
@@ -9226,7 +9226,7 @@ CVE-2005-0899 (AS/400 running OS400 5.2 installs and enables LDAP by default, wh
NOT-FOR-US: AS/400 running OS400
CVE-2005-0898 (Cross-site scripting (XSS) vulnerability in downloadform.php in ...)
NOT-FOR-US: E-Store Kit-2 PayPal Edition
-CVE-2005-0897 (PHP remote code injection vulnerability in catalog.php in E-Store ...)
+CVE-2005-0897 (PHP remote file inclusion vulnerability in catalog.php in E-Store ...)
NOT-FOR-US: E-Store Kit-2 PayPal Edition
CVE-2005-0896 (Multiple cross-site scripting (XSS) vulnerabilities in review.php in ...)
NOT-FOR-US: phpMyDirectory
@@ -9310,13 +9310,13 @@ CVE-2005-0864 (The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 an
NOT-FOR-US: Samsung ASDL modems, Debian's boa has been fixed years ago
CVE-2005-0863 (Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows ...)
NOT-FOR-US: PHPOpenChat
-CVE-2005-0862 (Multiple PHP remote code injection vulnerabilities in PHPOpenChat ...)
+CVE-2005-0862 (Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat ...)
NOT-FOR-US: PHPOpenChat
CVE-2005-0861 (Multiple buffer overflows in DeleGate before 8.11.1 may allow ...)
NOT-FOR-US: Delegate
-CVE-2005-0860 (PHP remote code injection vulnerability in TRG News Script 3.0 allows ...)
+CVE-2005-0860 (PHP remote file inclusion vulnerability in TRG News Script 3.0 allows ...)
NOT-FOR-US: TRG News Script
-CVE-2005-0859 (PHP remote code injection vulnerability in CzarNews 1.13b allows ...)
+CVE-2005-0859 (PHP remote file inclusion vulnerability in CzarNews 1.13b allows ...)
NOT-FOR-US: CzarNews
CVE-2005-0858 (Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier ...)
NOT-FOR-US: CoolForum
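Review bot: The tag under CVE-2005-0864 reads "Samsung ASDL modems" while the description above it says "Samsung ADSL Modem"; fix the transposed letters in the tag while this region is being edited.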
@@ -9443,7 +9443,7 @@ CVE-2005-0802 (Cross-site scripting (XSS) vulnerability in search.asp in ACS Blo
NOT-FOR-US: ACS Blog
CVE-2005-0801 (Directory traversal vulnerability in includer.cgi in The Includer ...)
NOT-FOR-US: The Includer
-CVE-2005-0800 (PHP remote code injection vulnerability in install.php in mcNews 1.3 ...)
+CVE-2005-0800 (PHP remote file inclusion vulnerability in install.php in mcNews 1.3 ...)
NOT-FOR-US: mcNews
CVE-2005-0799 (MySQL 4.1.9, and possibly earlier versions, allows remote attackers ...)
NOT-FOR-US: MySQL on Windows
@@ -9457,7 +9457,7 @@ CVE-2005-0795 (HolaCMS 1.4.9 does not restrict file access to the holaDB/votes .
NOT-FOR-US: Hola CMS
CVE-2005-0794 (ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation ...)
NOT-FOR-US: ZPanel
-CVE-2005-0793 (PHP remote code injection vulnerability in zpanel.php in ZPanel allows ...)
+CVE-2005-0793 (PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows ...)
NOT-FOR-US: ZPanel
CVE-2005-0792 (SQL injection vulnerability in ZPanel 2.0 allows remote attackers to ...)
NOT-FOR-US: ZPanel
@@ -9570,7 +9570,7 @@ CVE-2005-0787 (Wine 20050211 and earlier creates temp files with world readable
- wine 0.0.20050310-1.1
CVE-2005-0769 (Multiple buffer overflows in OpenSLP before 1.1.5 allow remote ...)
- openslp 1.0.11a-2
-CVE-2005-0748 (PHP remote code injection vulnerability in initdb.php for WEBInsta ...)
+CVE-2005-0748 (PHP remote file inclusion vulnerability in initdb.php for WEBInsta ...)
NOT-FOR-US: WEBInsta
CVE-2005-0747 (ApplyYourself i-Class allows remote attackers to obtain sensitive ...)
NOT-FOR-US: ApplyYourself
@@ -9627,9 +9627,9 @@ CVE-2005-0723 (Cross-site scripting (XSS) vulnerability in the jumpmenu function
NOT-FOR-US: paFileDB
CVE-2005-0722 (eXPerience2 allows remote attackers to obtain the full path for the ...)
NOT-FOR-US: eXPerience2
-CVE-2005-0721 (PHP remote code injection vulnerability in modules.php in eXPerience2 ...)
+CVE-2005-0721 (PHP remote file inclusion vulnerability in modules.php in eXPerience2 ...)
NOT-FOR-US: eXPerience2
-CVE-2005-0720 (PHP remote code injection vulnerability in header.php in PHP mcNews ...)
+CVE-2005-0720 (PHP remote file inclusion vulnerability in header.php in PHP mcNews ...)
NOT-FOR-US: mcNews
CVE-2005-0719 (Unknown vulnerability in the systems message queue in HP Tru64 Unix ...)
NOT-FOR-US: Tru64
@@ -9683,7 +9683,7 @@ CVE-2005-0700 (The export_index action in myadmin.php for Aztek Forum 4.0 allows
NOT-FOR-US: Aztek
CVE-2005-0699 (Multiple buffer overflows in the dissect_a11_radius function in the ...)
- ethereal 0.10.9-2
-CVE-2005-0698 (PHP remote code injection vulnerability in PHPWebLog 0.5.3 and earlier ...)
+CVE-2005-0698 (PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier ...)
NOT-FOR-US: PHPWebLog
CVE-2005-0697 (SQL injection vulnerability in the process_picture function ...)
NOT-FOR-US: CopperExport
@@ -9697,7 +9697,7 @@ CVE-2005-0693 (Buffer overflow in JoWood Chaser 1.50 and earlier allows remote .
NOT-FOR-US: JoWood Chaser (for Windows)
CVE-2005-0692 (Cross-site scripting (XSS) vulnerability in fusion_core.php for ...)
NOT-FOR-US: PHP-Fusion
-CVE-2005-0691 (PHP remote code injection vulnerability in article mode for ...)
+CVE-2005-0691 (PHP remote file inclusion vulnerability in article mode for ...)
NOT-FOR-US: SocialMPN
CVE-2005-0690 (Gene6 FTP Server does not properly restrict access to the control ...)
NOT-FOR-US: Gene6 FTP Server for Win
@@ -9719,11 +9719,11 @@ CVE-2005-0682 (Cross-site scripting (XSS) vulnerability in common.inc in Drupal
- drupal 4.5.2
CVE-2005-0681 (Nokia Symbian 60 allows remote attackers to cause a denial of service ...)
NOT-FOR-US: Nokia
-CVE-2005-0680 (PHP remote code injection vulnerability in ...)
+CVE-2005-0680 (PHP remote file inclusion vulnerability in ...)
NOT-FOR-US: Download Center Lite
-CVE-2005-0679 (PHP remote code injection vulnerability in tell_a_friend.inc.php for ...)
+CVE-2005-0679 (PHP remote file inclusion vulnerability in tell_a_friend.inc.php for ...)
NOT-FOR-US: Tell A Friend Script
-CVE-2005-0678 (PHP remote code injection vulnerability in formmail.inc.php for Form ...)
+CVE-2005-0678 (PHP remote file inclusion vulnerability in formmail.inc.php for Form ...)
NOT-FOR-US: Form Mail Script
CVE-2005-0677 (index.php for Zorum 3.5 allows remote attackers to perform certain ...)
NOT-FOR-US: Zorum
@@ -9973,7 +9973,7 @@ CVE-2005-0569 (Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remot
NOT-FOR-US: PunBB
CVE-2005-0568 (Soldier of Fortune II 1.03 gold allows remote attackers to cause a ...)
NOT-FOR-US: Soldier of Fortune II
-CVE-2005-0567 (Multiple PHP remote code injection vulnerabilities in phpMyAdmin 2.6.1 ...)
+CVE-2005-0567 (Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 ...)
- phpmyadmin 3:2.6.1-pl2-1
CVE-2005-0566 (Buffer overflow in Golden FTP Server Pro 2.x allows remote attackers ...)
NOT-FOR-US: Golden FTP Server
@@ -10096,9 +10096,9 @@ CVE-2005-0515 (Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other ..
NOT-FOR-US: My Firewall Plus
CVE-2005-0514 (Cross-site scripting (XSS) vulnerability in Verity Ultraseek before ...)
NOT-FOR-US: Verity Ultraseek
-CVE-2005-0513 (PHP remote code injection vulnerability in mail_autocheck.php in the ...)
+CVE-2005-0513 (PHP remote file inclusion vulnerability in mail_autocheck.php in the ...)
NOT-FOR-US: pMachine
-CVE-2005-0512 (PHP remote code injection vulnerability in Tar.php in Mambo 4.5.2 ...)
+CVE-2005-0512 (PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 ...)
NOT-FOR-US: Mambo
CVE-2005-0511 (Direct code injection vulnerability in misc.php for vBulletin 3.0.6 ...)
NOT-FOR-US: vBulletin
@@ -10412,7 +10412,7 @@ CVE-2005-0382 (Breed patch 1 and earlier allows remote attackers to cause a deni
NOT-FOR-US: Breed game
CVE-2005-0381 (Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 ...)
NOT-FOR-US: forumKIT
-CVE-2005-0380 (Multiple PHP remote code injection vulnerabilities in (1) ...)
+CVE-2005-0380 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
NOT-FOR-US: ZeroBoard
CVE-2005-0379 (Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and ...)
NOT-FOR-US: ZeroBoard
@@ -10421,7 +10421,7 @@ CVE-2005-0378 (Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0
TODO: check horde3
CVE-2005-0377 (SQL injection vulnerability in imageview.php for SGallery 1.01 allows ...)
NOT-FOR-US: sgallery
-CVE-2005-0376 (PHP remote code injection vulnerability in SGallery 1.01 allows local ...)
+CVE-2005-0376 (PHP remote file inclusion vulnerability in SGallery 1.01 allows local ...)
NOT-FOR-US: sgallery
CVE-2005-0375 (imageview.php in SGallery 1.01 allows remote attackers to obtain ...)
NOT-FOR-US: sgallery
@@ -10932,7 +10932,7 @@ CVE-2005-0154
RESERVED
CVE-2005-0153
RESERVED
-CVE-2005-0152 (PHP remote code injection vulnerability in Squirrelmail 1.2.6 allows ...)
+CVE-2005-0152 (PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows ...)
{DSA-662-1}
- squirrelmail 1:1.2.7-1
NOTE: This bug exists only in version 1.2.6.
@@ -11054,7 +11054,7 @@ CVE-2005-0105 (Unknown vulnerability in typespeed 0.4.1 and earlier allows local
CVE-2005-0104 (Cross-site scripting (XSS) vulnerability in webmail.php in ...)
{DSA-662-1}
- squirrelmail 2:1.4.4
-CVE-2005-0103 (PHP remote code injection vulnerability in webmail.php in SquirrelMail ...)
+CVE-2005-0103 (PHP remote file inclusion vulnerability in webmail.php in SquirrelMail ...)
- squirrelmail 2:1.4.4-1
CVE-2005-0102 (Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier ...)
{DSA-673-1}
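Review bot: The fixed-version fields on the two squirrelmail entries in this hunk disagree: CVE-2005-0104 has "- squirrelmail 2:1.4.4" with no Debian revision, while CVE-2005-0103 has "- squirrelmail 2:1.4.4-1". Pick one form (the full version with revision, as the other squirrelmail entry "1:1.2.7-1" uses) so version comparisons against these lines behave the same way.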
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index a0c2216e76..268044d825 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -1,3 +1,221 @@
+CVE-2006-4731 (Directory traversal vulnerability in login.pl in (1) SQL-Ledger before ...)
+ TODO: check
+CVE-2006-4730
+ RESERVED
+CVE-2006-4729
+ RESERVED
+CVE-2006-4728
+ RESERVED
+CVE-2006-4727
+ RESERVED
+CVE-2006-4726
+ RESERVED
+CVE-2006-4725
+ RESERVED
+CVE-2006-4724
+ RESERVED
+CVE-2006-4723 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-4722 (PHP remote file inclusion vulnerability in Open Bulletin Board ...)
+ TODO: check
+CVE-2006-4721 (Directory traversal vulnerability in admin.php in CCleague Pro Sports ...)
+ TODO: check
+CVE-2006-4720 (PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO ...)
+ TODO: check
+CVE-2006-4719 (Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb ...)
+ TODO: check
+CVE-2006-4718 (Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in ...)
+ TODO: check
+CVE-2006-4717 (The login redirection mechanism in the Drupal 4.7 Pubcookie module ...)
+ TODO: check
+CVE-2006-4716 (PHP remote file inclusion vulnerability in demarrage.php in Fire Soft ...)
+ TODO: check
+CVE-2006-4715 (SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo ...)
+ TODO: check
+CVE-2006-4714 (PHP remote file inclusion vulnerability in index.php in SpoonLabs ...)
+ TODO: check
+CVE-2006-4713 (PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA ...)
+ TODO: check
+CVE-2006-4712 (Multiple cross-site scripting (XSS) vulnerabilities in Sage allow ...)
+ TODO: check
+CVE-2006-4711 (Multiple cross-site scripting (XSS) vulnerabilities in Sage allow ...)
+ TODO: check
+CVE-2006-4710 (Multiple cross-site scripting (XSS) vulnerabilities in NewsGator ...)
+ TODO: check
+CVE-2006-4709 (SQL injection vulnerability in topic.php in Vikingboard 0.1b allows ...)
+ TODO: check
+CVE-2006-4708 (Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard ...)
+ TODO: check
+CVE-2006-4707 (Cross-site scripting (XSS) vulnerability in admin/global.php (aka the ...)
+ TODO: check
+CVE-2006-4706 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
+ TODO: check
+CVE-2006-4705 (SQL injection vulnerability in login.php in dwayner79 and Dominic ...)
+ TODO: check
+CVE-2006-4704
+ RESERVED
+CVE-2006-4703
+ RESERVED
+CVE-2006-4702
+ RESERVED
+CVE-2006-4701
+ RESERVED
+CVE-2006-4700
+ RESERVED
+CVE-2006-4699
+ RESERVED
+CVE-2006-4698
+ RESERVED
+CVE-2006-4697
+ RESERVED
+CVE-2006-4696
+ RESERVED
+CVE-2006-4695
+ RESERVED
+CVE-2006-4694
+ RESERVED
+CVE-2006-4693
+ RESERVED
+CVE-2006-4692
+ RESERVED
+CVE-2006-4691
+ RESERVED
+CVE-2006-4690
+ RESERVED
+CVE-2006-4689
+ RESERVED
+CVE-2006-4688
+ RESERVED
+CVE-2006-4687
+ RESERVED
+CVE-2006-4686
+ RESERVED
+CVE-2006-4685
+ RESERVED
+CVE-2006-4684
+ RESERVED
+CVE-2006-4683 (IBM Director before 5.10 allows remote attackers to obtain sensitive ...)
+ TODO: check
+CVE-2006-4682 (Multiple unspecified vulnerabilities in IBM Director before 5.10 allow ...)
+ TODO: check
+CVE-2006-4681 (Directory traversal vulnerability in Redirect.bat in IBM Director ...)
+ TODO: check
+CVE-2006-4680 (The Remote UI in Canon imageRUNNER includes usernames and passwords ...)
+ TODO: check
+CVE-2006-4679 (DokuWiki before 2006-03-09c enables the debug feature by default, ...)
+ TODO: check
+CVE-2006-4678 (PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows ...)
+ TODO: check
+CVE-2006-4677 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4676 (TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and ...)
+ TODO: check
+CVE-2006-4675 (Unrestricted file upload vulnerability in lib/exe/media.php in ...)
+ TODO: check
+CVE-2006-4674 (Direct static code injection vulnerability in doku.php in DokuWiki ...)
+ TODO: check
+CVE-2006-4673 (Global variable overwrite vulnerability in maincore.php in PHP-Fusion ...)
+ TODO: check
+CVE-2006-4672 (PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, ...)
+ TODO: check
+CVE-2006-4671 (PHP remote file inclusion vulnerability in headlines.php in Fantastic ...)
+ TODO: check
+CVE-2006-4670 (Multiple PHP remote file inclusion vulnerabilities in PhotoKorn ...)
+ TODO: check
+CVE-2006-4669 (PHP remote file inclusion vulnerability in admin/system/include.php in ...)
+ TODO: check
+CVE-2006-4668 (Cross-site scripting (XSS) vulnerability in index.php in Rob Hensley ...)
+ TODO: check
+CVE-2006-4667 (Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote ...)
+ TODO: check
+CVE-2006-4666 (Multiple PHP remote file inclusion vulnerabilities in WM-News 0.5 ...)
+ TODO: check
+CVE-2006-4665 (Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 ...)
+ TODO: check
+CVE-2006-4664 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-4663 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4662 (Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ ...)
+ TODO: check
+CVE-2006-4661 (AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not ...)
+ TODO: check
+CVE-2006-4660 (Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed ...)
+ TODO: check
+CVE-2006-4659 (The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 ...)
+ TODO: check
+CVE-2006-4658 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses ...)
+ TODO: check
+CVE-2006-4657 (Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 ...)
+ TODO: check
+CVE-2006-4656 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-4655 (Buffer overflow in the Strcmp function in the XKEYBOARD extension in X ...)
+ TODO: check
+CVE-2006-4654 (Format string vulnerability in Easy Address Book Web Server 1.2 allows ...)
+ TODO: check
+CVE-2006-4653 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll store ...)
+ TODO: check
+CVE-2006-4652 ((1) Amazing Little Poll and (2) Amazing Little Picture Poll have a ...)
+ TODO: check
+CVE-2006-4651 (Directory traversal vulnerability in download/index.php, and possibly ...)
+ TODO: check
+CVE-2006-4650 (Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the ...)
+ TODO: check
+CVE-2006-4649 (PHP remote file inclusion vulnerability in bp_news.php in BinGo News ...)
+ TODO: check
+CVE-2006-4648 (PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News ...)
+ TODO: check
+CVE-2006-4647 (PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 ...)
+ TODO: check
+CVE-2006-4646 (Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto ...)
+ TODO: check
+CVE-2006-4645 (PHP remote file inclusion vulnerability in akarru.gui/main_content.php ...)
+ TODO: check
+CVE-2006-4644 (PHP remote file inclusion vulnerability in modules/home.module.php in ...)
+ TODO: check
+CVE-2006-4643 (SQL injection vulnerability in consult/joueurs.php in Uni-Vert ...)
+ TODO: check
+CVE-2006-4642 (AuditWizard 6.3.2, when using &quot;Remote Audit,&quot; logs the administrator ...)
+ TODO: check
+CVE-2006-4641 (SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal ...)
+ TODO: check
+CVE-2006-4640 (Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows ...)
+ TODO: check
+CVE-2006-4639 (Multiple PHP remote file inclusion vulnerabilities in C-News.fr C-News ...)
+ TODO: check
+CVE-2006-4638 (PHP remote file inclusion vulnerability in article.php in ACGV News ...)
+ TODO: check
+CVE-2006-4637 (Multiple PHP remote file inclusion vulnerabilities in ACGV News 0.9.1 ...)
+ TODO: check
+CVE-2006-4636 (Directory traversal vulnerability in SZEWO PhpCommander 3.0 and ...)
+ TODO: check
+CVE-2006-4635 (Unspecified vulnerability in MySource Classic 2.14.6, and possibly ...)
+ TODO: check
+CVE-2006-4634 (Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows ...)
+ TODO: check
+CVE-2006-4633 (index.php in SoftBB 0.1, and possibly earlier, allows remote attackers ...)
+ TODO: check
+CVE-2006-4632 (Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly ...)
+ TODO: check
+CVE-2006-4631 (Direct static code injection vulnerability in admin/save_opt.php in ...)
+ TODO: check
+CVE-2006-4630 (PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING ...)
+ TODO: check
+CVE-2006-4629 (PHP remote file inclusion vulnerability in affichage/commentaires.php ...)
+ TODO: check
+CVE-2006-4628 (Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows ...)
+ TODO: check
+CVE-2006-4627 (System Information ActiveX control (msinfo.dll), when accessed via ...)
+ TODO: check
+CVE-2006-4626 (Heap-based buffer overflow in alwil avast! Anti-virus Engine before ...)
+ TODO: check
+CVE-2006-4625 (PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass ...)
+ TODO: check
+CVE-2006-4624 (CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 ...)
+ TODO: check
+CVE-2006-4623 (The Unidirectional Lightweight Encapsulation (ULE) decapsulation ...)
+ TODO: check
CVE-2006-XXXX [gnutls signature forgery]
NOTE: GNUTLS-SA-2006-4
NOTE: fix for gnutls13 reverted in 1.4.3-2
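Review bot: The CVE-2006-4642 description in this block contains literal HTML entities (when using &quot;Remote Audit,&quot; logs ...), so the updater is writing escaped text into the list; decode entities before the description is stored. Separately, every new entry lands as "TODO: check", including ones that name software the lists in this patch already track as packages (Drupal in CVE-2006-4717 and CVE-2006-4646, PHP in CVE-2006-4625); those are worth triaging ahead of the long run of PHP remote file inclusion entries.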
@@ -15,7 +233,7 @@ CVE-2006-4621 (PHP remote file inclusion vulnerability in settings.php in Pheap
NOT-FOR-US: Pheap
CVE-2006-4620 (The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with ...)
NOT-FOR-US: Alt-N WebAdmin
-CVE-2006-4619 (The start update window in Avira AntiVir PersonalEdition Classic ...)
+CVE-2006-4619 (The start update window in update.exe in Avira AntiVir PersonalEdition ...)
NOT-FOR-US: Avira
CVE-2006-4618 (PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in ...)
- libphp-adodb <not-affected> (vulnerable code seems to be In-link specific)
@@ -132,7 +350,7 @@ CVE-2006-4565
RESERVED
CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
+CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in the MyHeadlines before ...)
NOT-FOR-US: PHP-Nuke
CVE-2006-4562 (** DISPUTED ** ...)
NOT-FOR-US: Symantec
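Review bot: The tag under CVE-2006-4563 is now out of step with its description: the new text attributes the XSS to "the MyHeadlines before ..." rather than "modules.php in PHP-Nuke", yet the tag still reads "NOT-FOR-US: PHP-Nuke". Re-check the entry against the new description and name MyHeadlines in the tag if that is the affected component.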
@@ -507,31 +725,31 @@ CVE-2006-4391
RESERVED
CVE-2006-4390
RESERVED
-CVE-2006-4389
- RESERVED
-CVE-2006-4388
- RESERVED
+CVE-2006-4389 (Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...)
+ TODO: check
+CVE-2006-4388 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+ TODO: check
CVE-2006-4387
RESERVED
-CVE-2006-4386
- RESERVED
-CVE-2006-4385
- RESERVED
-CVE-2006-4384
- RESERVED
+CVE-2006-4386 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+ TODO: check
+CVE-2006-4385 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+ TODO: check
+CVE-2006-4384 (Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows ...)
+ TODO: check
CVE-2006-4383
RESERVED
-CVE-2006-4382
- RESERVED
-CVE-2006-4381
- RESERVED
+CVE-2006-4382 (Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+ TODO: check
+CVE-2006-4381 (Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted ...)
+ TODO: check
CVE-2006-4380 (MySQL before 4.1.13 allows local users to cause a denial of service ...)
{DSA-1169}
- mysql-dfsg-5.0 <not-affected> (only 4.1 affected)
- mysql-dfsg <not-affected> (only 4.1 affected)
- mysql-dfsg-4.1 <removed>
-CVE-2006-4379
- RESERVED
+CVE-2006-4379 (Stack-based buffer overflow in the SMTP Daemon in Ipswitch ...)
+ TODO: check
CVE-2006-4378 (** DISPUTED ** ...)
NOT-FOR-US: Rssxt component for Joomla! (com_rssxt)
CVE-2006-4377 (Multiple SQL injection vulnerabilities in Guder und Koch ...)
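Review bot: Seven of the entries converted from RESERVED here (CVE-2006-4381, -4382, -4384, -4385, -4386, -4388, -4389) all read "Apple QuickTime before 7.1.3", so they can be resolved together with one tag instead of sitting as seven separate "TODO: check" items. CVE-2006-4379 (SMTP Daemon in Ipswitch ...) is the only new description in this hunk that needs its own look.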
@@ -607,7 +825,7 @@ CVE-2006-4343
CVE-2006-4342
RESERVED
CVE-2006-4341
- RESERVED
+ REJECTED
CVE-2006-4340
RESERVED
CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ...)
@@ -694,7 +912,7 @@ CVE-2006-4306 (Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821
NOT-FOR-US: Solaris
CVE-2006-4305 (Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote ...)
- maxdb-7.5.00 <unfixed> (high; bug #386182)
-CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1 and ...)
+CVE-2006-4304 (Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD ...)
NOT-FOR-US: FreeBSD NetBSD
CVE-2006-4303 (Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun ...)
NOT-FOR-US: Solaris
@@ -714,8 +932,8 @@ CVE-2006-4296 (PHP remote file inclusion vulnerability in classes/Tar.php in ...
NOT-FOR-US: bigAPE-Backup component (com_babackup) for Mambo
CVE-2006-4295 (Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2006-4294
- RESERVED
+CVE-2006-4294 (Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 ...)
+ TODO: check
CVE-2006-4293 (Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow ...)
NOT-FOR-US: cPanel
CVE-2006-4292 (Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows ...)
@@ -960,7 +1178,7 @@ CVE-2006-4182
CVE-2006-4181
RESERVED
CVE-2006-4180
- RESERVED
+ REJECTED
CVE-2006-4179
RESERVED
CVE-2006-4178
@@ -1619,8 +1837,8 @@ CVE-2006-3875
RESERVED
CVE-2006-3874
RESERVED
-CVE-2006-3873
- RESERVED
+CVE-2006-3873 (Heap-based buffer overflow in URLMON.DLL in Microsoft Internet ...)
+ TODO: check
CVE-2006-3872
RESERVED
CVE-2006-3871
@@ -1936,7 +2154,7 @@ CVE-2006-3763 (SQL injection vulnerability in category.php in Diesel Joke Site a
NOT-FOR-US: Diesel Joke Site
CVE-2006-3762 (The Touch Control ActiveX control 2.0.0.55 allows remote attackers to ...)
NOT-FOR-US: Touch Control ActiveX control
-CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/function_post.php in ...)
+CVE-2006-3761 (Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ...)
NOT-FOR-US: MyBB
CVE-2006-3760 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
NOT-FOR-US: MyBB
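Review bot: With the filename corrected to inc/functions_post.php, the visible part of CVE-2006-3761 is now identical to the newly added CVE-2006-4706 ("Cross-site scripting (XSS) vulnerability in inc/functions_post.php in ..."), which this commit leaves as "TODO: check". Confirm whether CVE-2006-4706 is also MyBB and, if so, give it the same tag, or add a NOTE recording the relationship if one duplicates the other.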
@@ -2330,9 +2548,9 @@ CVE-2006-3590 (mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allow
NOT-FOR-US: Microsoft PowerPoint
CVE-2006-3589 (vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure ...)
NOT-FOR-US: VMware
-CVE-2006-3588 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
+CVE-2006-3588 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
NOT-FOR-US: Macromedia Flash Player 8
-CVE-2006-3587 (Unspecified vulnerability in Macromedia Flash Player 8.0.24.0 allows ...)
+CVE-2006-3587 (Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 ...)
NOT-FOR-US: Macromedia Flash Player 8
CVE-2006-3586 (SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote ...)
NOT-FOR-US: Jetbox CMS
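Review bot: The tags under CVE-2006-3588 and CVE-2006-3587 still read "NOT-FOR-US: Macromedia Flash Player 8" although both descriptions now say "Adobe (Macromedia) Flash Player"; update the tag wording to match. The same decision should be applied to the other Flash Player entries this commit leaves as "TODO: check" (CVE-2006-3311, CVE-2006-4640) so the product is handled consistently across the file.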
@@ -2633,8 +2851,8 @@ CVE-2006-3444 (Unspecified vulnerability in the kernel in Microsoft Windows 2000
NOT-FOR-US: Microsoft
CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows ...)
NOT-FOR-US: Microsoft
-CVE-2006-3442
- RESERVED
+CVE-2006-3442 (Unspecified vulnerability in Pragmatic General Multicast (PGM) in ...)
+ TODO: check
CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP ...)
@@ -2916,8 +3134,8 @@ CVE-2006-3313 (Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft
NOT-FOR-US: Netsoft smartNet
CVE-2006-3312 (Multiple cross-site scripting (XSS) vulnerabilities in ashmans and ...)
NOT-FOR-US: QaTraq
-CVE-2006-3311
- RESERVED
+CVE-2006-3311 (Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash ...)
+ TODO: check
CVE-2006-3310
RESERVED
CVE-2006-3309 (SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal ...)
@@ -4368,8 +4586,8 @@ CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 5
NOTE: tempnam function is taking unsanitized input, it's an
NOTE: application error
- php5 5.1.6-1 (low)
-CVE-2006-2658
- RESERVED
+CVE-2006-2658 (Directory traversal vulnerability in the xsp component in mod_mono in ...)
+ TODO: check
CVE-2006-2657
REJECTED
CVE-2006-2655 (The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally ...)
@@ -4749,8 +4967,8 @@ CVE-2006-2484 (Cross-site scripting (XSS) vulnerability in index.html in IceWarp
NOT-FOR-US: IceWarp
CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in ...)
NOT-FOR-US: Squirrelcart
-CVE-2006-2482
- RESERVED
+CVE-2006-2482 (Heap-based buffer overflow in ZipTV for Delphi 7 2006.1.26 and for C++ ...)
+ TODO: check
CVE-2006-2481 (VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 ...)
NOT-FOR-US: VMware ESX
CVE-2006-2480 (Format string vulnerability in Dia 0.94 allows user-assisted ...)
@@ -10393,8 +10611,8 @@ CVE-2006-0034 (Heap-based buffer overflow in the CRpcIoManagerServer::BuildConte
NOT-FOR-US: Microsoft
CVE-2006-0033 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
NOT-FOR-US: Microsoft
-CVE-2006-0032
- RESERVED
+CVE-2006-0032 (Cross-site scripting (XSS) vulnerability in the Indexing Service in ...)
+ TODO: check
CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, ...)
NOT-FOR-US: Microsoft
CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
@@ -10454,5 +10672,5 @@ CVE-2006-0003 (Unspecified vulnerability in the RDS.Dataspace ActiveX control, w
NOT-FOR-US: RDS.Dataspace
CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 2000 through 2003, ...)
NOT-FOR-US: Microsoft
-CVE-2006-0001
- RESERVED
+CVE-2006-0001 (Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 ...)
+ TODO: check
