[Secure-testing-commits] r8932 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Fri May 30 13:37:39 UTC 2008
Author: white
Date: 2008-05-30 13:37:38 +0000 (Fri, 30 May 2008)
New Revision: 8932
Modified:
data/CVE/list
Log:
NFUs; stunnel4 windows specific issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-05-29 21:14:17 UTC (rev 8931)
+++ data/CVE/list 2008-05-30 13:37:38 UTC (rev 8932)
@@ -1,51 +1,51 @@
CVE-2008-2500 (Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor ...)
- TODO: check
+ NOT-FOR-US: MOStlyContent Editor
CVE-2008-2499 (Stack-based buffer overflow in the Community Services Multiplexer (aka ...)
- TODO: check
+ NOT-FOR-US: Community Services Multiplexer
CVE-2008-2498 (Multiple SQL injection vulnerabilities in index.php in Mambo before ...)
- TODO: check
+ NOT-FOR-US: Mambo
CVE-2008-2497 (CRLF injection vulnerability in Mambo before 4.6.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Mambo
CVE-2008-2496 (Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 ...)
- TODO: check
+ NOT-FOR-US: Quate CMS
CVE-2008-2495 (Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows ...)
- TODO: check
+ NOT-FOR-US: Zina
CVE-2008-2494 (Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 ...)
- TODO: check
+ NOT-FOR-US: Zina
CVE-2008-2493 (Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus ...)
- TODO: check
+ NOT-FOR-US: Campus Bulletin Board
CVE-2008-2492 (Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 ...)
- TODO: check
+ NOT-FOR-US: Campus Bulletin Board
CVE-2008-2491 (SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows ...)
- TODO: check
+ NOT-FOR-US: AbleSpace
CVE-2008-2490 (Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 ...)
- TODO: check
+ NOT-FOR-US: KJ Image Lightbox 2
CVE-2008-2489 (SQL injection vulnerability in the Library for Frontend Plugins (aka ...)
- TODO: check
+ NOT-FOR-US: Library for Frontend Plugins sg_zfelib
CVE-2008-2488 (admin/userform.php in RoomPHPlanning 1.5 does not require ...)
- TODO: check
+ NOT-FOR-US: RoomPHPlanning
CVE-2008-2487 (SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier ...)
- TODO: check
+ NOT-FOR-US: MAXSITE
CVE-2008-2486 (Unspecified vulnerability in eMule Plus before 1.2d has unknown impact ...)
TODO: check
CVE-2008-2485 (Cross-site scripting (XSS) vulnerability in the URL redirection script ...)
- TODO: check
+ NOT-FOR-US: PCPIN chat
CVE-2008-2484 (SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when ...)
- TODO: check
+ NOT-FOR-US: Xomol CMS
CVE-2008-2483 (Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 ...)
- TODO: check
+ NOT-FOR-US: Xomol CMS
CVE-2008-2482 (Directory traversal vulnerability in install_mod.php in insanevisions ...)
- TODO: check
+ NOT-FOR-US: OneCMS
CVE-2008-2481 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: phpRaider
CVE-2008-2480 (PHP remote file inclusion vulnerability in plus.php in plusPHP Short ...)
- TODO: check
+ NOT-FOR-US: plusPHP
CVE-2008-2479 (Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: phpFix
CVE-2008-2478 (** DISPUTED ** ...)
TODO: check
CVE-2008-2477 (SQL injection vulnerability in index.php in MxBB (aka MX-System) ...)
- TODO: check
+ NOT-FOR-US: MxBB (MX-System)
CVE-2008-2476
RESERVED
CVE-2008-2475
@@ -77,43 +77,43 @@
CVE-2008-2462
RESERVED
CVE-2008-2461 (SQL injection vulnerability in index.php in Netious CMS 0.4 allows ...)
- TODO: check
+ NOT-FOR-US: Netious
CVE-2008-2460 (SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2008-2459 (Directory traversal vulnerability in page.php in EntertainmentScript ...)
- TODO: check
+ NOT-FOR-US: EntertainmentScript
CVE-2008-2458 (Cross-site scripting (XSS) vulnerability in index.php in Starsgames ...)
- TODO: check
+ NOT-FOR-US: Starsgames
CVE-2008-2457 (SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 ...)
- TODO: check
+ NOT-FOR-US: PHP-Jokesite
CVE-2008-2456 (SQL injection vulnerability in index.php in ComicShout 2.5 and earlier ...)
- TODO: check
+ NOT-FOR-US: ComicShout
CVE-2008-2455 (SQL injection vulnerability in comment.php in the MacGuru BLOG Engine ...)
- TODO: check
+ NOT-FOR-US: MacGuru BLOG Engine
CVE-2008-2454 (SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) ...)
- TODO: check
+ NOT-FOR-US: xsstream-dm
CVE-2008-2453 (Multiple SQL injection vulnerabilities in PHP Classifieds Script allow ...)
- TODO: check
+ NOT-FOR-US: PHP Classifieds Script
CVE-2008-2452 (Cross-site scripting (XSS) vulnerability in the Questionaire (aka ...)
- TODO: check
+ NOT-FOR-US: Questionaire pbsurvey
CVE-2008-2451 (Multiple SQL injection vulnerabilities in the Statistics (aka ...)
- TODO: check
+ NOT-FOR-US: Statistics ke_stats
CVE-2008-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the Statistics ...)
- TODO: check
+ NOT-FOR-US: Statistics ke_stats
CVE-2008-2449 (Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan ...)
- TODO: check
+ NOT-FOR-US: phpInstantGallery
CVE-2008-2448 (Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote ...)
- TODO: check
+ NOT-FOR-US: Meto Forum
CVE-2008-2447 (SQL injection vulnerability in products.php in the Mytipper ZoGo-shop ...)
- TODO: check
+ NOT-FOR-US: Mytipper ZoGo-shop
CVE-2008-2446 (Multiple SQL injection vulnerabilities in Web Group Communication ...)
- TODO: check
+ NOT-FOR-US: Web Group Communication Center
CVE-2008-2445 (Cross-site scripting (XSS) vulnerability in profile.php in Web Group ...)
- TODO: check
+ NOT-FOR-US: Web Group Communication Center
CVE-2008-2444 (SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 ...)
- TODO: check
+ NOT-FOR-US: CaLogic Calendars
CVE-2008-2443 (SQL injection vulnerability in dpage.php in The Real Estate Script ...)
- TODO: check
+ NOT-FOR-US: Real Estate Script
CVE-2008-2442
RESERVED
CVE-2008-2441
@@ -149,37 +149,37 @@
CVE-2008-2426
RESERVED
CVE-2008-2425 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: FicHive
CVE-2008-2422 (SQL injection vulnerability in index.php in Web Slider 0.6 allows ...)
- TODO: check
+ NOT-FOR-US: Web Slider
CVE-2008-2421 (Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web ...)
- TODO: check
+ NOT-FOR-US: Web GUI in SAP Web Application Server (WAS)
CVE-2008-2419 (Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2008-2418 (Race condition in the STREAMS Administrative Driver (sad) in Sun ...)
- TODO: check
+ NOT-FOR-US: STREAMS Administrative Driver SUN
CVE-2008-2417 (SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard ...)
- TODO: check
+ NOT-FOR-US: Webboard
CVE-2008-2416 (SQL injection vulnerability in index.php in FicHive 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: FicHive
CVE-2008-2415 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: DigitalHive
CVE-2008-2414 (Cross-site scripting (XSS) vulnerability in send_email.php in AN ...)
- TODO: check
+ NOT-FOR-US: AN Guestbook
CVE-2008-2413 (Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News ...)
- TODO: check
+ NOT-FOR-US: ACGV News
CVE-2008-2412 (SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows ...)
- TODO: check
+ NOT-FOR-US: ACGV News
CVE-2008-2411 (SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, ...)
- TODO: check
+ NOT-FOR-US: SazCart
CVE-2008-2410 (Cross-site scripting (XSS) vulnerability in the servlet engine and Web ...)
- TODO: check
+ NOT-FOR-US: Web Server service in IBM Lotus Domino
CVE-2008-2409 (Stack-based buffer overflow in Cerulean Studios Trillian before ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2008-2408 (Heap-based buffer overflow in the XML parsing functionality in ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2008-2407 (Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian ...)
- TODO: check
+ NOT-FOR-US: Cerulean Studios Trillian
CVE-2008-2406
RESERVED
CVE-2008-2405
@@ -193,7 +193,7 @@
CVE-2008-2401
RESERVED
CVE-2008-2400 (Unspecified vulnerability in stunnel before 4.23, when running as a ...)
- TODO: check
+ - stunnel4 <not-affected> (Windows specific issue)
CVE-2008-2399 (Directory traversal vulnerability in the FireFTP add-on before ...)
TODO: check
CVE-2008-XXXX [Adobe Flash Player is prone to an unspecified remote code-execution vulnerability]
More information about the Secure-testing-commits
mailing list