[Secure-testing-commits] r5327 - data/CVE
Alex de Oliveira Silva
enerv-guest at alioth.debian.org
Mon Jan 22 21:45:00 CET 2007
Author: enerv-guest
Date: 2007-01-22 21:44:58 +0100 (Mon, 22 Jan 2007)
New Revision: 5327
Modified:
data/CVE/list
Log:
some NFUs.
new mambo and joomla issues.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-22 20:14:11 UTC (rev 5326)
+++ data/CVE/list 2007-01-22 20:44:58 UTC (rev 5327)
@@ -1,15 +1,15 @@
CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2007-0395 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2007-0391 (Format string vulnerability in the log creation functionality of ...)
TODO: check
CVE-2007-0390 (Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 ...)
@@ -21,9 +21,9 @@
CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks ...)
TODO: check
CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2007-0384 (Cross-site scripting (XSS) vulnerability in preview in the reviews ...)
TODO: check
CVE-2007-0383 (** DISPUTED ** ...)
@@ -31,7 +31,7 @@
CVE-2007-0382 (Multiple SQL injection vulnerabilities in letterman.class.php in the ...)
TODO: check
CVE-2007-0381 (Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2007-0380 (DocMan 1.3 RC2 allows remote attackers to obtain sensitive information ...)
TODO: check
CVE-2007-0379 (Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows ...)
@@ -39,17 +39,20 @@
CVE-2007-0378 (Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow ...)
TODO: check
CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote ...)
- TODO: check
+ NOT-FOR-US: Xoops
CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows ...)
TODO: check
CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive ...)
- TODO: check
+ - joomla <not-affected>
CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and ...)
- TODO: check
+ - mambo <unfixed>
+ - joomla <unfixed>
+ NOTE: Mantainer working in new upstream version of Joomla and waiting patch
+ NOTE: for Mambo.
CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow ...)
- TODO: check
+ - joomla <not-affected>
CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ...)
TODO: check
CVE-2007-0370 (Unrestricted file upload vulnerability in index.php in phpBP RC3 ...)
More information about the Secure-testing-commits
mailing list