[Secure-testing-commits] r9444 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Mon Jul 28 14:52:44 UTC 2008
Author: white
Date: 2008-07-28 14:52:42 +0000 (Mon, 28 Jul 2008)
New Revision: 9444
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-28 14:25:59 UTC (rev 9443)
+++ data/CVE/list 2008-07-28 14:52:42 UTC (rev 9444)
@@ -129,81 +129,81 @@
CVE-2008-3270
RESERVED
CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full ...)
- TODO: check
+ NOT-FOR-US: WinRemotePC
CVE-2008-3268 (Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when ...)
- TODO: check
+ NOT-FOR-US: phpScheduleIt
CVE-2008-3267 (SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote ...)
- TODO: check
+ NOT-FOR-US: MojoJobs
CVE-2008-3266 (SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel ...)
- TODO: check
+ NOT-FOR-US: SoftAcid Hotel Reservation System
CVE-2008-3265 (SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 ...)
- TODO: check
+ NOT-FOR-US: DT Register
CVE-2008-3264 (The FWDOWNL firmware-download implementation in Asterisk Open Source ...)
TODO: check
CVE-2008-3263 (The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ...)
TODO: check
CVE-2008-3262 (Cross-site request forgery (CSRF) vulnerability in Claroline before ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-3261 (Open redirect vulnerability in claroline/redirector.php in Claroline ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-3260 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...)
- TODO: check
+ NOT-FOR-US: Claroline
CVE-2008-3259 (OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the ...)
TODO: check
CVE-2008-3258 (Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow ...)
TODO: check
CVE-2008-3257 (Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3256 (SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and ...)
- TODO: check
+ NOT-FOR-US: Siteframe CMS
CVE-2008-3255 (Cross-site scripting (XSS) vulnerability in LunarNight Laboratory ...)
- TODO: check
+ NOT-FOR-US: LunarNight Laboratory WebProxy
CVE-2008-3254 (SQL injection vulnerability in index.php in preCMS 1 allows remote ...)
- TODO: check
+ NOT-FOR-US: preCMS
CVE-2008-3253 (Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces ...)
- TODO: check
+ NOT-FOR-US: Citrix XenServer Express
CVE-2008-3252 (Stack-based buffer overflow in the read_article function in ...)
TODO: check
CVE-2008-3251 (Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow ...)
- TODO: check
+ NOT-FOR-US: tplSoccerSite
CVE-2008-3250 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 ...)
- TODO: check
+ NOT-FOR-US: Arctic Issue Tracker
CVE-2008-3249 (The client in Lenovo System Update before 3.14 does not properly ...)
- TODO: check
+ NOT-FOR-US: Lenovo System Update
CVE-2008-3248
RESERVED
CVE-2008-3247 (The LDT implementation in the Linux kernel 2.6.25.x on x86_64 ...)
TODO: check
CVE-2008-3246 (Unspecified vulnerability in the PDF distiller component in the ...)
- TODO: check
+ NOT-FOR-US: BlackBerry Attachment Service
CVE-2008-3245 (SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, ...)
- TODO: check
+ NOT-FOR-US: phpHoo3
CVE-2008-3244 (The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 ...)
- TODO: check
+ NOT-FOR-US: F-Prot Antivirus
CVE-2008-3243 (Multiple unspecified vulnerabilities in the scanning engine before ...)
- TODO: check
+ NOT-FOR-US: F-Prot Antivirus
CVE-2008-3242 (Heap-based buffer overflow in the PPMedia Class ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: PPMate
CVE-2008-3241 (SQL injection vulnerability in players-detail.php in UltraStats ...)
- TODO: check
+ NOT-FOR-US: UltraStats
CVE-2008-3240 (SQL injection vulnerability in index.php in AlstraSoft Affiliate ...)
- TODO: check
+ NOT-FOR-US: AlstraSoft Affiliate Network Pro
CVE-2008-3239 (Unrestricted file upload vulnerability in the writeLogEntry function ...)
- TODO: check
+ NOT-FOR-US: PHPizabi
CVE-2008-3238 (Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow ...)
- TODO: check
+ NOT-FOR-US: ITechBids
CVE-2008-3237 (Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ...)
- TODO: check
+ NOT-FOR-US: ITechBids
CVE-2008-3236 (Unspecified vulnerability in Wsadmin in the System ...)
- TODO: check
+ NOT-FOR-US: Wsadmin
CVE-2008-3235 (Unspecified vulnerability in the PropFilePasswordEncoder utility in ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH ...)
TODO: check
CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...)
TODO: check
CVE-2008-3232 (Unspecified vulnerability in dotclear before 1.2.8 has unknown impact ...)
- TODO: check
+ NOT-FOR-US: dotclear
CVE-2008-3231 (xine allows user-assisted attackers to cause a denial of service ...)
TODO: check
CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...)
@@ -225,33 +225,33 @@
CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...)
TODO: check
CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting ...)
- TODO: check
+ NOT-FOR-US: Scripteen Free Image Hosting
CVE-2008-3211 (Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: Scripteen Free Image Hosting
CVE-2008-3210 (rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows ...)
- TODO: check
+ NOT-FOR-US: ReSIProcate
CVE-2008-3209 (Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in ...)
- TODO: check
+ NOT-FOR-US: Black Ice Document Imaging SDK
CVE-2008-3208 (Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 ...)
TODO: check
CVE-2008-3207 (PHP remote file inclusion vulnerability in cms/modules/form.lib.php in ...)
- TODO: check
+ NOT-FOR-US: Pragyan CMS
CVE-2008-3206 (SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black ...)
- TODO: check
+ NOT-FOR-US: Yuhhu Pubs Black Cat
CVE-2008-3205 (Directory traversal vulnerability in index.php in Easy-Script Wysi ...)
- TODO: check
+ NOT-FOR-US: Easy-Script Wysi Wiki Wyg
CVE-2008-3204 (SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels ...)
- TODO: check
+ NOT-FOR-US: E-topbiz Million Pixels
CVE-2008-3203 (js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform ...)
- TODO: check
+ NOT-FOR-US: AuraCMS
CVE-2008-3202 (Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 ...)
- TODO: check
+ NOT-FOR-US: Xomol
CVE-2008-3201 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Pagefusion
CVE-2008-3200 (SQL injection vulnerability in vlc_forum.php in Avlc Forum as of ...)
- TODO: check
+ NOT-FOR-US: Avlc Forum
CVE-2008-3199 (Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow ...)
- TODO: check
+ NOT-FOR-US: ReSIProcate
CVE-2008-3198 (Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject ...)
TODO: check
CVE-2008-3195
@@ -259,19 +259,19 @@
CVE-2008-3194 (Multiple directory traversal vulnerabilities in ...)
TODO: check
CVE-2008-3193 (SQL injection vulnerability in jSite 1.0 OE allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: jSite
CVE-2008-3192 (Directory traversal vulnerability in index.php in jSite 1.0 OE allows ...)
- TODO: check
+ NOT-FOR-US: jSite
CVE-2008-3191 (Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, ...)
- TODO: check
+ NOT-FOR-US: mForum
CVE-2008-3190 (Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 ...)
- TODO: check
+ NOT-FOR-US: CodeDB
CVE-2008-3189 (SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager ...)
- TODO: check
+ NOT-FOR-US: DreamNews Manager
CVE-2008-3188 (libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the ...)
TODO: check
CVE-2008-3187 (zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 ...)
- TODO: check
+ NOT-FOR-US: zypper
CVE-2008-3330 (Cross-site scripting (XSS) vulnerability in ...)
- horde3 3.2.1+debian0-1 (low; bug #492578)
- turba 2.2.1-1 (low)
More information about the Secure-testing-commits
mailing list