[Secure-testing-commits] r10281 - data/CVE
atomo64-guest at alioth.debian.org
atomo64-guest at alioth.debian.org
Wed Nov 5 03:16:59 UTC 2008
Author: atomo64-guest
Date: 2008-11-05 03:16:58 +0000 (Wed, 05 Nov 2008)
New Revision: 10281
Modified:
data/CVE/list
Log:
Just one java web start issue left
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-05 02:45:59 UTC (rev 10280)
+++ data/CVE/list 2008-11-05 03:16:58 UTC (rev 10281)
@@ -6,32 +6,31 @@
RESERVED
CVE-2008-4914
RESERVED
-begin claimed by atomo64-guest
CVE-2008-4913 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and ...)
- TODO: check
+ NOT-FOR-US: LokiCMS
CVE-2008-4912 (SQL injection vulnerability in popup_img.php in the fotogalerie module ...)
- TODO: check
+ NOT-FOR-US: RS MAXSOFT
CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...)
- TODO: check
+ NOT-FOR-US: Chattaitaliano Istant-Replay
CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to ...)
TODO: check
CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...)
- TODO: check
+ NOT-FOR-US: CompactCMS
CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...)
- TODO: check
+ [etch] - crossfire-maps <unfixed> (low; bug #504561)
+ - crossfire-maps <not-affected> (The file doesn't exist in the package as shipped in lenny)
CVE-2008-4906 (SQL injection vulnerability in lyrics_song.php in the Lyrics ...)
- TODO: check
+ NOT-FOR-US: Lyrics (lyrics_menu) plugin for e107
CVE-2008-4905 (Typo 5.1.3 and earlier uses a hard-coded salt for calculating password ...)
- TODO: check
+ NOT-FOR-US: Typo (blog engine)
CVE-2008-4904 (SQL injection vulnerability in the "Manage pages" feature ...)
- TODO: check
+ NOT-FOR-US: Typo (blog engine)
CVE-2008-4903 (Cross-site scripting (XSS) vulnerability in the leave comment ...)
- TODO: check
+ NOT-FOR-US: Typo (blog engine)
CVE-2008-4902 (SQL injection vulnerability in contact_author.php in Article Publisher ...)
- TODO: check
+ NOT-FOR-US: Article Publisher
CVE-2008-4901 (SQL injection vulnerability in admin/admin.php in Article Publisher ...)
- TODO: check
-end claimed by atomo64-guest
+ NOT-FOR-US: Article Publisher
CVE-2008-4900 (SQL injection vulnerability in tr.php in YourFreeWorld Classifieds ...)
NOT-FOR-US: YourFreeWorld Classifieds
CVE-2008-4899 (Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe ...)
More information about the Secure-testing-commits
mailing list