[Secure-testing-commits] r8496 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Apr 9 17:50:36 UTC 2008
Author: nion
Date: 2008-04-09 17:50:34 +0000 (Wed, 09 Apr 2008)
New Revision: 8496
Modified:
data/CVE/list
Log:
NFUs
new flashplugin-nonfree issue (CVE-2008-1654)
new mondo issue (CVE-2008-1633)
cuteflow has an itp open (CVE-2008-163[0-2])
new auditd issue (CVE-2008-1628)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-04-09 13:34:35 UTC (rev 8495)
+++ data/CVE/list 2008-04-09 17:50:34 UTC (rev 8496)
@@ -103,7 +103,7 @@
CVE-2008-1655
RESERVED
CVE-2008-1654 (Interaction error between Adobe Flash and multiple Universal Plug and ...)
- TODO: check
+ - flashplugin-nonfree <unfixed>
CVE-2008-1653 (Directory traversal vulnerability in index.php in Sava's Link Manager ...)
NOT-FOR-US: Sava's Link Manager
CVE-2008-1652 (Directory traversal vulnerability in the _serve_request_multiple ...)
@@ -145,33 +145,34 @@
CVE-2008-1634 (Cross-site scripting (XSS) vulnerability in index.php in JV2 Folder ...)
NOT-FOR-US: JV2 Folder Gallery
CVE-2008-1633 (Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown ...)
- TODO: check
+ - mondo <unfixed> (bug #475221)
CVE-2008-1632 (Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote ...)
- TODO: check
+ - cuteflow <itp> (bug #465372)
CVE-2008-1631 (SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 ...)
- TODO: check
+ - cuteflow <itp> (bug #465372)
CVE-2008-1630 (Multiple cross-site scripting (XSS) vulnerabilities in CuteFlow 1.5.0 ...)
- TODO: check
+ - cuteflow <itp> (bug #465372)
CVE-2008-1629 (Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows ...)
- TODO: check
+ NOT-FOR-US: PHPkrm
CVE-2008-1628 (Stack-based buffer overflow in the audit_log_user_command function in ...)
- TODO: check
+ - auditd <unfixed> (medium; bug #475227)
+ NOTE: auditd runs as root
CVE-2008-1627 (CDS Invenio 0.92.1 and earlier allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: CDS Invenio
CVE-2008-1626 (SQL injection vulnerability in eggBlog before 4.0.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: eggBlog
CVE-2008-1625 (aavmker4.sys in avast! Home and Professional 4.7 for Windows does not ...)
- TODO: check
+ NOT-FOR-US: avast! Home and Professional
CVE-2008-1624 (Directory traversal vulnerability in v2demo/page.php in Jshop Server ...)
- TODO: check
+ NOT-FOR-US: Jshop Server
CVE-2008-1623 (SQL injection vulnerability in admin_view_image.php in Smoothflash ...)
- TODO: check
+ NOT-FOR-US: Smoothflash
CVE-2008-1622 (Multiple PHP remote file inclusion vulnerabilities in GeeCarts allow ...)
- TODO: check
+ NOT-FOR-US: GeeCarts
CVE-2008-1621 (Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow ...)
- TODO: check
+ NOT-FOR-US: GeeCarts
CVE-2008-1620 (Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) ...)
- TODO: check
+ NOT-FOR-US: ThinClientServer
CVE-2008-1619 (The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers ...)
TODO: check
CVE-2008-1618 (The PPTP VPN service in Watchguard Firebox before 10, when performing ...)
More information about the Secure-testing-commits
mailing list