[Secure-testing-commits] r10704 - data/CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Tue Dec 16 05:47:15 UTC 2008 

Author: atomo64-guest
Date: 2008-12-16 05:47:14 +0000 (Tue, 16 Dec 2008)
New Revision: 10704

Modified:
   data/CVE/list
Log:
NFUs, phpbb3 issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-16 04:59:59 UTC (rev 10703)
+++ data/CVE/list	2008-12-16 05:47:14 UTC (rev 10704)
@@ -1,3 +1,5 @@
+CVE-2008-XXXX [phpBB3 Account Re-activation Security Bypass]
+	- phpbb3 <unfixed> (low; bug #508872)
 CVE-2008-5556 (** DISPUTED ** ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-5555 (Microsoft Internet Explorer 8.0 Beta 2 relies on the ...)
@@ -121,29 +123,29 @@
 	- libgd2 <not-affected> (code is specific to php's libgd)
 	NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361
 CVE-2008-5497 (BandSite CMS 1.1.4 allows remote attackers to bypass authentication ...)
-	TODO: check
+	NOT-FOR-US: BandSite CMS
 CVE-2008-5496 (SQL injection vulnerability in showcategory.php in PozScripts Business ...)
-	TODO: check
+	NOT-FOR-US: PozScripts Business Directory Script
 CVE-2008-5495 (Unspecified vulnerability in the GungHo LoadPrgAx ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: GungHo LoadPrgAx
 CVE-2008-5494 (SQL injection vulnerability in the Contact Information Module ...)
-	TODO: check
+	NOT-FOR-US: Contact Information Module (com_contactinfo) component for Joomla!
 CVE-2008-5493 (SQL injection vulnerability in track.php in PHPStore Wholesales (aka ...)
-	TODO: check
+	NOT-FOR-US: PHPStore Wholesales
 CVE-2008-5492 (Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX ...)
-	TODO: check
+	NOT-FOR-US: PDFVIEW.PdfviewCtrl.1
 CVE-2008-5491 (SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier ...)
 	TODO: check
 CVE-2008-5490 (SQL injection vulnerability in index.php in PHPStore Yahoo Answers ...)
-	TODO: check
+	NOT-FOR-US: PHPStore Yahoo Answers
 CVE-2008-5489 (SQL injection vulnerability in channel_detail.php in ClipShare Pro 4, ...)
 	TODO: check
 CVE-2008-5488 (SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 ...)
 	TODO: check
 CVE-2008-5487 (Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms ...)
-	TODO: check
+	NOT-FOR-US: TurnkeyForms Text Link Sales
 CVE-2008-5486 (SQL injection vulnerability in admin.php in TurnkeyForms Text Link ...)
-	TODO: check
+	NOT-FOR-US: TurnkeyForms Text Link Sales
 CVE-2008-XXXX [mplayer buffer overflow in twinvq parsing]
 	- mplayer <unfixed> (medium; bug #508803)
 	TODO: request CVE id

More information about the Secure-testing-commits mailing list