[Secure-testing-commits] r9573 - data/CVE

thomasbl-guest at alioth.debian.org thomasbl-guest at alioth.debian.org
Thu Aug 14 14:13:37 UTC 2008 

Author: thomasbl-guest
Date: 2008-08-14 14:13:36 +0000 (Thu, 14 Aug 2008)
New Revision: 9573

Modified:
   data/CVE/list
Log:
some not-for-us and some claimed by me



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-08-14 13:57:23 UTC (rev 9572)
+++ data/CVE/list	2008-08-14 14:13:36 UTC (rev 9573)
@@ -159,25 +159,35 @@
 	NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
 	TODO: check if there are packages which have this source included
 CVE-2008-3591 (SQL injection vulnerability in lib/class.admin.php in Twentyone ...)
-	TODO: check
+	NOT-FOR-US: Twentyone Degrees Symphony 1.7.01
+	TODO: check if there are packages which have this source included
+begin claimed by thomasbl
 CVE-2008-3590 (Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. ...)
 	TODO: check
+end claimed by thomasbl
 CVE-2008-3589 (Directory traversal vulnerability in download.php in moziloCMS 1.10.1, ...)
-	TODO: check
+	NOT-FOR-US: mozilo CMS 1.10.1
+	TODO: check if there are packages which have this source included
 CVE-2008-3588 (Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote ...)
-	TODO: check
+	NOT-FOR-US: phsBlog 0.1.1
+	TODO: check if there are packages which have this source included
 CVE-2008-3587 (Cross-site scripting (XSS) vulnerability in result.php in Chris ...)
-	TODO: check
+	NOT-FOR-US: Homes 4 Sale
+	TODO: check if there are packages which have this source included
+begin claimed by thomasbl
 CVE-2008-3586 (SQL injection vulnerability in the EZ Store (com_ezstore) component ...)
 	TODO: check
+end claimed by thomasbl
 CVE-2008-3585 (Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP ...)
-	TODO: check
+	NOT-FOR-US: PozScripts GreenCart PHP Shopping Cart
+	TODO: check if there are packages which have this source included
 CVE-2008-3584
 	RESERVED
 CVE-2008-3583 (Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote ...)
-	TODO: check
+	NOT-FOR-US: IntelliTamper 2.07
 CVE-2008-3582 (SQL injection vulnerability in login.php in Keld PHP-MySQL News Script ...)
-	TODO: check
+	NOT-FOR-US: Keld PHP-MySQL News Script 0.7.1
+	TODO: check if there are packages which have this source included
 CVE-2008-3581 (Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links ...)
 	TODO: check
 CVE-2008-3580 (Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote ...)

More information about the Secure-testing-commits mailing list