[Secure-testing-commits] r8601 - data/CVE
nion at alioth.debian.org
Wed Apr 23 18:07:17 UTC 2008
Author: nion
Date: 2008-04-23 18:07:16 +0000 (Wed, 23 Apr 2008)
New Revision: 8601
Modified:
data/CVE/list
Log:
NFUs
CVE-2008-1891 non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-04-23 17:46:16 UTC (rev 8600)
+++ data/CVE/list 2008-04-23 18:07:16 UTC (rev 8601)
@@ -5,29 +5,29 @@
NOTE: PMASA-2008-3, CVE id requested
NOTE: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_9/phpMyAdmin/libraries/tbl_replace_fields.inc.php?r1=11211&r2=11210&pathrev=11211
CVE-2008-1914 (Stack-based buffer overflow in the AntServer module (AntServer.exe) in ...)
- TODO: check
+ NOT-FOR-US: BigAnt Messenger
CVE-2008-1913 (SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, ...)
- TODO: check
+ NOT-FOR-US: Lasernet CMS
CVE-2008-1912 (Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and ...)
- TODO: check
+ NOT-FOR-US: DivX Player
CVE-2008-1911 (SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 ...)
- TODO: check
+ NOT-FOR-US: 1024 CMS
CVE-2008-1910 (Stack-based buffer overflow in the database service (ibserver.exe) in ...)
- TODO: check
+ NOT-FOR-US: Borland InterBase
CVE-2008-1909 (SQL injection vulnerability in comment.php in PHP Knowledge Base ...)
- TODO: check
+ NOT-FOR-US: PHPKB
CVE-2008-1908 (Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow ...)
- TODO: check
+ NOT-FOR-US: cpCommerce
CVE-2008-1907 (Multiple SQL injection vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: cpCommerce
CVE-2008-1906 (Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce ...)
- TODO: check
+ NOT-FOR-US: cpCommerce
CVE-2008-1905 (NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in ...)
- TODO: check
+ NOT-FOR-US: Nero MediaHome
CVE-2008-1904 (Cicoandcico CcMail 1.0.1 and earlier does not verify that the ...)
- TODO: check
+ NOT-FOR-US: CcMail
CVE-2008-1903 (PHP remote file inclusion vulnerability in news_show.php in Newanz ...)
- TODO: check
+ NOT-FOR-US: Newanz NewsOffice
CVE-2008-1902 (The GUI for aptlinex before 0.91 does not sufficiently warn the user ...)
- aptlinex 0.91-1 (low; bug #476572)
NOTE: the user gets a confirmation dialog
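Review bot: The NOT-FOR-US tag for CVE-2008-1909 abbreviates the product as "PHPKB", while the description line reads "PHP Knowledge Base ..." and the other tags in this hunk repeat the product name as the description gives it (DivX Player, Lasernet CMS, 1024 CMS). Spelling it out, or using both forms, keeps a search for the description's wording working against the tag. For CVE-2008-1907 the description is cut off before the product name ("Multiple SQL injection vulnerabilities in ..."), so the cpCommerce tag cannot be checked from this line alone; it is plausible given the neighbouring CVE-2008-1908 and CVE-2008-1906 entries, but worth confirming against the full CVE text.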
@@ -35,39 +35,42 @@
- aptlinex 0.91-1 (medium; bug #476588)
NOTE: code execution via /tmp/gambas-apt-exec is also possible, maintainer confirmed this
CVE-2008-1900 (option_Update.asp in Carbon Communities 2.4 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: Carbon Communities
CVE-2008-1899
RESERVED
CVE-2008-1898 (WkImgSrv.dll 7.03.0616 in Microsoft Works 7 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Microsoft Works
CVE-2008-1897
RESERVED
CVE-2008-1896 (Multiple cross-site scripting (XSS) vulnerabilities in Carbon ...)
- TODO: check
+ NOT-FOR-US: Carbon Communities
CVE-2008-1895 (Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and ...)
- TODO: check
+ NOT-FOR-US: Carbon Communities
CVE-2008-1894 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: BusinessObjects InfoView
CVE-2008-1893 (PHP remote file inclusion vulnerability in index.php in W2B Online ...)
- TODO: check
+ NOT-FOR-US: W2B Online Banking
CVE-2008-1892 (Cross-site scripting (XSS) vulnerability in bs_auth.php in ...)
- TODO: check
+ NOT-FOR-US: Blogator-script
CVE-2008-1891 (Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and ...)
- TODO: check
+ - ruby1.8 <unfixed> (unimportant)
+ - ruby1.9 <unfixed> (unimportant)
+ NOTE: corner-case only exploitable if web application is run on windows fs
+
CVE-2008-1890 (SQL injection vulnerability in the Jom Comment 2.0 build 345 component ...)
- TODO: check
+ NOT-FOR-US: Jom Comment for Joomla!
CVE-2008-1889 (SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials ...)
- TODO: check
+ NOT-FOR-US: XplodPHP AutoTutorials
CVE-2008-1888 (Cross-site scripting (XSS) vulnerability in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Windows
CVE-2008-1886 (The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in ...)
- TODO: check
+ NOT-FOR-US: CDNetworks Nefficient Download
CVE-2008-1885 (Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX ...)
- TODO: check
+ NOT-FOR-US: NeffyLauncher
CVE-2008-1884 (Directory traversal vulnerability in index.php in Wikepage Opus 13 ...)
- TODO: check
+ NOT-FOR-US: Wikepage
CVE-2008-1883 (The server in Blackboard Academic Suite 7.x stores MD5 password hashes ...)
- TODO: check
+ NOT-FOR-US: Blackboard Academic Suite
CVE-2008-1882
RESERVED
CVE-2008-1881 (Stack-based buffer overflow in the ParseSSA function ...)
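Review bot: In the CVE-2008-1891 entry, the added empty "+" line after the NOTE puts a blank line before CVE-2008-1890, and no other entry in this hunk is followed by one; drop it so the list stays uniformly formatted. The NOTE ("corner-case only exploitable if web application is run on windows fs") could also say outright that this is the reason ruby1.8 and ruby1.9 are rated "<unfixed> (unimportant)", so the rating can be revisited if that assumption changes. Separately, CVE-2008-1886 and CVE-2008-1885 both describe the NeffyLauncher 1.0.5 ActiveX control but are tagged "CDNetworks Nefficient Download" and "NeffyLauncher" respectively; using one name for both keeps searches on the list consistent.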