[Secure-testing-commits] r8236 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Feb 27 17:36:10 UTC 2008
Author: nion
Date: 2008-02-27 17:36:08 +0000 (Wed, 27 Feb 2008)
New Revision: 8236
Modified:
data/CVE/list
Log:
a bunch of NFUs
checking back status of CVE-2008-059{6,7} with redhat
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-02-27 16:36:06 UTC (rev 8235)
+++ data/CVE/list 2008-02-27 17:36:08 UTC (rev 8236)
@@ -213,143 +213,145 @@
CVE-2008-0877 (Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media ...)
NOT-FOR-US: Jinzora Media Jukebox
CVE-2008-0876 (Unspecified vulnerability in the SEWB3 messaging service in Hitachi ...)
- TODO: check
+ NOT-FOR-US: Hitachi SEWB3
CVE-2008-0875 (Unspecified vulnerability in Hitachi EUR Print Manager, and related ...)
- TODO: check
+ NOT-FOR-US: Hitachi EUR Print Manager
CVE-2008-0874 (SQL injection vulnerability in index.php in the eEmpregos module for ...)
- TODO: check
+ NOT-FOR-US: eEmpregos module for XOOPS
CVE-2008-0873 (SQL injection vulnerability in index.php in the jlmZone Classifieds ...)
- TODO: check
+ NOT-FOR-US: jlmZone Classifieds module for XOOPS
CVE-2008-0872 (Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail ...)
- TODO: check
+ NOT-FOR-US: SmarterTools SmarterMail Enterprise
CVE-2008-0871 (Multiple stack-based buffer overflows in Now SMS/MMS Gateway ...)
- TODO: check
+ NOT-FOR-US: Now SMS/MMS Gateway
CVE-2008-0870 (BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0869 (Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0868 (Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0867 (Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0866 (Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0865 (Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0864 (Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0863 (BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-0862 (IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2008-0861 (Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Quickplace
CVE-2008-0860 (Unspecified vulnerability in the AVG plugin in Kerio MailServer before ...)
- TODO: check
+ NOT-FOR-US: Kerio MailServer
CVE-2008-0859 (Unspecified vulnerability in Kerio MailServer before 6.5.0 allows ...)
- TODO: check
+ NOT-FOR-US: Kerio MailServer
CVE-2008-0858 (Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer ...)
- TODO: check
+ NOT-FOR-US: Kerio MailServer
CVE-2008-0857 (SQL injection vulnerability in index.php in WoltLab Burning Board ...)
- TODO: check
+ NOT-FOR-US: WoltLab Burning Board
CVE-2008-0856 (Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow ...)
- TODO: check
+ NOT-FOR-US: e-Vision CMS
CVE-2008-0855 (SQL injection vulnerability in the Facile Forms (com_facileforms) ...)
- TODO: check
+ NOT-FOR-US: com_facileforms component for Joomla! and Mambo
CVE-2008-0854 (SQL injection vulnerability in the com_salesrep component for Joomla! ...)
- TODO: check
+ NOT-FOR-US: com_salesrep component for Joomla! and Mambo
CVE-2008-0853 (SQL injection vulnerability in the com_detail component for Joomla! ...)
- TODO: check
+ NOT-FOR-US: com_detail component for Joomla! and Mambo
CVE-2008-0852 (freeSSHd 1.2 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: freeSSHd
CVE-2008-0851 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 ...)
- TODO: check
+ NOT-FOR-US: Dokeos
+ NOTE: there is an RFP for Dokeos #433352
CVE-2008-0850 (Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote ...)
- TODO: check
+ NOT-FOR-US: Dokeos
+ NOTE: there is an RFP for Dokeos #433352
CVE-2008-0849 (SQL injection vulnerability in index.php in the Downloads ...)
- TODO: check
+ NOT-FOR-US: com_downloads component for Mambo and Joomla!
CVE-2008-0848 (Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty ...)
- TODO: check
+ NOT-FOR-US: Crafty Syntax Live Help
CVE-2008-0847 (SQL injection vulnerability in print.php in the myTopics module for ...)
- TODO: check
+ NOT-FOR-US: myTopics module for XOOPS
CVE-2008-0846 (SQL injection vulnerability in index.php in the com_profile component ...)
- TODO: check
+ NOT-FOR-US: com_profile component for Mambo and Joomla!
CVE-2008-0845 (SQL injection vulnerability in wp-people-popup.php in Dean Logan ...)
- TODO: check
+ NOT-FOR-US: WP-People plugin for WordPress
CVE-2008-0844 (SQL injection vulnerability in index.php in the PccookBook ...)
- TODO: check
+ NOT-FOR-US: com_pccookbook component for Joomla!
CVE-2008-0843 (StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: StatCounteX
CVE-2008-0842 (SQL injection vulnerability in index.php in the Classifier ...)
- TODO: check
+ NOT-FOR-US: com_clasifier component for Joomla!
CVE-2008-0841 (SQL injection vulnerability in index.php in the Giorgio Nordo Ricette ...)
- TODO: check
+ NOT-FOR-US: com_ricette component for Joomla!
CVE-2008-0840 (Directory traversal vulnerability in view_member.php in Public ...)
- TODO: check
+ NOT-FOR-US: LightBlog
CVE-2008-0839 (SQL injection vulnerability in refer.php in the astatsPRO ...)
- TODO: check
+ NOT-FOR-US: com_astatspro component for Joomla!
CVE-2008-0838 (Multiple cross-site scripting (XSS) vulnerabilities in the web ...)
- TODO: check
+ NOT-FOR-US: Sophos, Email Security Appliance
CVE-2008-0837 (Cross-site scripting (XSS) vulnerability in the log feature in the ...)
- TODO: check
+ NOT-FOR-US: John Godley Search Unleashed plugin for WordPress
CVE-2008-0836 (Unspecified vulnerability in the vuidmice STREAMS modules in Sun ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2008-0835 (SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and ...)
- TODO: check
+ NOT-FOR-US: Simple CMS
CVE-2008-0834 (Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS ...)
- TODO: check
+ NOT-FOR-US: Lotus Quickr
CVE-2008-0833 (SQL injection vulnerability in index.php in the com_galeria component ...)
- TODO: check
+ NOT-FOR-US: com_galeria component for Joomla!
CVE-2008-0832 (SQL injection vulnerability in index.php in the Kemas Antonius ...)
- TODO: check
+ NOT-FOR-US: com_quran component for Mambo and Joomla!
CVE-2008-0831 (Multiple SQL injection vulnerabilities in the Rapid Recipe ...)
- TODO: check
+ NOT-FOR-US: com_rapidrecipe component for Joomla!
CVE-2008-0830 (The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 ...)
- TODO: check
+ NOT-FOR-US: DPAP server for iPhoto
CVE-2008-0829 (SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! ...)
- TODO: check
+ NOT-FOR-US: com_jooget component for Joomla! and Mambo
CVE-2008-0828 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2008-0827 (SQL injection vulnerability in the Books module of PHP-Nuke allows ...)
- TODO: check
+ NOT-FOR-US: Books module of PHP-Nuke
CVE-2008-0826 (Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-0825 (SQL injection vulnerability in Claroline before 1.8.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-0824 (Unspecified vulnerability in the php2phps function in Claroline before ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-0823 (Unspecified vulnerability in the Header Image Module before 5.x-1.1 ...)
- TODO: check
+ NOT-FOR-US: Header Image Module for Drupal
CVE-2008-0822 (Directory traversal vulnerability in index.php in Scribe 0.2 allows ...)
- TODO: check
+ NOT-FOR-US: Scribe
CVE-2008-0821 (SQL injection vulnerability in admin/traffic/knowledge_searchm.php in ...)
- TODO: check
+ NOT-FOR-US: PHP Live!
CVE-2008-0820 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Etomite CMS
CVE-2008-0819 (Directory traversal vulnerability in index.php in PlutoStatus Locator ...)
- TODO: check
+ NOT-FOR-US: PlutoStatus Locator
CVE-2008-0818 (Multiple directory traversal vulnerabilities in freePHPgallery 0.6 ...)
- TODO: check
+ NOT-FOR-US: freePHPgallery
CVE-2008-0817 (SQL injection vulnerability in the com_filebase component for Joomla! ...)
- TODO: check
+ NOT-FOR-US: com_filebase component for Joomla! and Mambo
CVE-2008-0816 (SQL injection vulnerability in the com_sg component for Joomla! and ...)
- TODO: check
+ NOT-FOR-US: com_sg component for Joomla! and Mambo
CVE-2008-0815 (SQL injection vulnerability in the com_mezun component for Joomla! ...)
- TODO: check
+ NOT-FOR-US: com_mezun component for Joomla!
CVE-2008-0814 (Directory traversal vulnerability in download.php in Tracking ...)
- TODO: check
+ NOT-FOR-US: TRUC
CVE-2008-0813 (Directory traversal vulnerability in Download.php in XPWeb 3.0.1, ...)
- TODO: check
+ NOT-FOR-US: XPWeb
CVE-2008-0812 (Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: BanPro DMS
CVE-2008-0811 (Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote ...)
- TODO: check
+ NOT-FOR-US: AuraCMS
CVE-2008-0810 (SQL injection vulnerability in the com_scheduling module for Joomla! ...)
- TODO: check
+ NOT-FOR-US: com_scheduling module for Joomla! and Mambo
CVE-2008-0805 (Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b ...)
- TODO: check
+ NOT-FOR-US: PHPizabi
CVE-2008-0804 (PHP remote file inclusion vulnerability in usrgetform.html in Thecus ...)
- TODO: check
+ NOT-FOR-US: Thecus N5200Pro NAS Server
CVE-2008-0983 [lighttpd remote DoS]
- lighttpd 1.4.18-2 (medium; bug #466663)
CVE-2008-0883 [tmp race]
@@ -726,7 +728,7 @@
CVE-2008-0639 (Stack-based buffer overflow in the EnumPrinters function in the ...)
NOT-FOR-US: Novell Client
CVE-2008-0638 (Heap-based buffer overflow in the Veritas Enterprise Administrator ...)
- TODO: check
+ NOT-FOR-US: Veritas Enterprise Administrator service
CVE-2008-0637
RESERVED
CVE-2008-0636 (Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x ...)
@@ -814,8 +816,10 @@
RESERVED
CVE-2008-0597 (Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ...)
TODO: check
+ NOTE: checking status of 1.5.6 with redhat
CVE-2008-0596 (Memory leak in CUPS before 1.1.22, and possibly other versions, allows ...)
TODO: check
+ NOTE: checking status of 1.5.6 with redhat
CVE-2008-0595
RESERVED
CVE-2008-0594 (Mozilla Firefox before 2.0.0.12 does not always display a web forgery ...)
More information about the Secure-testing-commits
mailing list