[Secure-testing-commits] r3001 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Dec 11 16:34:40 UTC 2005
Author: jmm-guest
Date: 2005-12-11 16:34:36 +0000 (Sun, 11 Dec 2005)
New Revision: 3001
Modified:
data/CVE/list
Log:
one new unimportant firefox issue
several NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-11 16:24:11 UTC (rev 3000)
+++ data/CVE/list 2005-12-11 16:34:36 UTC (rev 3001)
@@ -1,37 +1,38 @@
begin claimed by jmm
CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
- TODO: check
+ NOT-FOR-US: ASPMForum
CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
- TODO: check
+ NOT-FOR-US: Website Baker
CVE-2005-4139 (Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 ...)
- TODO: check
+ NOT-FOR-US: ThWboard
CVE-2005-4138 (Multiple cross-site scripting (XSS) vulnerabilities in ThWboard before ...)
- TODO: check
+ NOT-FOR-US: ThWboard
CVE-2005-4137 (SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows ...)
- TODO: check
+ NOT-FOR-US: DRZES HMS
CVE-2005-4136 (Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 ...)
- TODO: check
+ NOT-FOR-US: DRZES HMS
CVE-2005-4135 (Direct static code injection vulnerability in includes/newtopic.php in ...)
- TODO: check
+ NOT-FOR-US: SimpleBBS
CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon up to 0.9 ...)
- TODO: check
+ - mozilla-firefox <unfixed> (unimportant)
+ NOTE: Not exploitable beyond a sluggish browser startup, see
+ NOTE: http://www.mozilla.org/security/history-title.html
CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2005-4132 (Unspecified "security leak" vulnerability in Contenido before 4.6.4, ...)
- TODO: check
+ NOT-FOR-US: Contenido
CVE-2005-4131 (** UNVERIFIABLE, PRERELEASE ** ...)
- TODO: check
+ NOT-FOR-US: Excel
CVE-2005-4130 (** UNVERIFIABLE, PRERELEASE ** ...)
- TODO: check
+ TODO: Once dislosed, check, whether this affects Helix
CVE-2005-4129
REJECTED
- TODO: check
CVE-2005-4128 (** UNVERIFIABLE, PRERELEASE ** ...)
- TODO: check
+ NOT-FOR-US: Apple Quicktime
CVE-2005-4127 (** UNVERIFIABLE, PRERELEASE ** ...)
- TODO: check
+ NOT-FOR-US: iTunes
CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...)
- TODO: check
+ TODO: Once dislosed, check, whether this affects Helix
CVE-2005-4125
RESERVED
CVE-2005-4124
@@ -93,8 +94,7 @@
CVE-2005-4096
RESERVED
CVE-2004-2650 (Spooler in Apache Foundation James 2.2.0 allows local users to cause a ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: Apache James
CVE-2005-4095 (Directory traversal vulnerability in connector.php in the ...)
NOT-FOR-US: DoceboLMS
CVE-2005-4094 (connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows ...)
More information about the Secure-testing-commits
mailing list