[Secure-testing-commits] r10712 - data/CVE
atomo64-guest at alioth.debian.org
atomo64-guest at alioth.debian.org
Wed Dec 17 02:36:23 UTC 2008
Author: atomo64-guest
Date: 2008-12-17 02:36:22 +0000 (Wed, 17 Dec 2008)
New Revision: 10712
Modified:
data/CVE/list
Log:
NFUs, some issues CVEified
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-16 21:14:09 UTC (rev 10711)
+++ data/CVE/list 2008-12-17 02:36:22 UTC (rev 10712)
@@ -289,7 +289,7 @@
- axel <unfixed> (low)
[etch] - axel <no-dsa> (Minor issue)
NOTE: http://alioth.debian.org/forum/forum.php?forum_id=2846
-CVE-2008-XXXX [roundcube remote code execution via preg_replace in html2text.php]
+CVE-2008-5619 [roundcube remote code execution via preg_replace in html2text.php]
- roundcube 0.1.1-9 (high; bug #508628)
NOTE: According to the bug report, this is being exploited.
[sid] - moodle <unfixed> (bug #508909)
@@ -548,7 +548,7 @@
TODO: check
CVE-2008-5361 (The ActionScript 2 virtual machine in Adobe Flash Player 10.x before ...)
TODO: check
-CVE-2008-XXXX [phpMyAdmin PMASA-2008-10 SQL injection]
+CVE-2008-5621 [phpMyAdmin PMASA-2008-10 SQL injection]
- phpmyadmin 4:2.11.8.1-5
CVE-2008-XXXX [RSyslog "AllowedSender" Security Bypass Vulnerability]
- rsyslog 3.18.6-1 (bug #508027)
@@ -3426,6 +3426,7 @@
RESERVED
CVE-2008-4122
RESERVED
+ NOT-FOR-US: Joomla
CVE-2008-4121 (Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce ...)
NOT-FOR-US: cpCommerce
CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 ...)
@@ -10761,6 +10762,7 @@
NOT-FOR-US: Sun Solaris
CVE-2008-1094
RESERVED
+ NOT-FOR-US: Barracuda Spam Firewall
CVE-2008-1093 (Acresso InstallShield Update Agent does not properly verify the ...)
NOT-FOR-US: FLEXnet Connect
CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet ...)
@@ -11035,6 +11037,7 @@
RESERVED
CVE-2008-0971
RESERVED
+ NOT-FOR-US: Barracuda Networks products
CVE-2008-0970
RESERVED
CVE-2008-0969
More information about the Secure-testing-commits
mailing list