[Secure-testing-commits] r9909 - data/CVE
white at alioth.debian.org
Wed Oct 1 11:25:41 UTC 2008
Author: white
Date: 2008-10-01 11:25:41 +0000 (Wed, 01 Oct 2008)
New Revision: 9909
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-01 09:14:14 UTC (rev 9908)
+++ data/CVE/list 2008-10-01 11:25:41 UTC (rev 9909)
@@ -1,83 +1,83 @@
CVE-2008-4366 (Unrestricted file upload vulnerability in the image upload component ...)
- TODO: check
+ NOT-FOR-US: Camera Life
CVE-2008-4365 (Cross-site scripting (XSS) vulnerability in search.php in Siteman ...)
- TODO: check
+ NOT-FOR-US: Siteman
CVE-2008-4364 (SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb ...)
- TODO: check
+ NOT-FOR-US: ParsaGostar ParsaWeb CMS
CVE-2008-4363 (DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a ...)
- TODO: check
+ NOT-FOR-US: DESlock
CVE-2008-4362 (The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 ...)
- TODO: check
+ NOT-FOR-US: DESlock
CVE-2008-4361 (Directory traversal vulnerability in PowerPortal 2.0.13 allows remote ...)
- TODO: check
+ NOT-FOR-US: PowerPortal
CVE-2008-4360
RESERVED
CVE-2008-4359
RESERVED
CVE-2008-4358 (Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP ...)
- TODO: check
+ NOT-FOR-US: SPAW Editor PHP
CVE-2008-4357 (SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows ...)
- TODO: check
+ NOT-FOR-US: Powie pLink
CVE-2008-4356 (Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 ...)
- TODO: check
+ NOT-FOR-US: Kasseler CMS
CVE-2008-4355 (SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum ...)
- TODO: check
+ NOT-FOR-US: Powie PSCRIPT Forum
CVE-2008-4354 (SQL injection vulnerability in the products module in NetArt Media ...)
- TODO: check
+ NOT-FOR-US: NetArt Media iBoutique
CVE-2008-4353 (SQL injection vulnerability in link.php in Linkarity allows remote ...)
- TODO: check
+ NOT-FOR-US: Linkarity
CVE-2008-4352 (SQL injection vulnerability in inc/pages/viewprofile.php in ...)
- TODO: check
+ NOT-FOR-US: phpSmartCom
CVE-2008-4351 (Directory traversal vulnerability in index.php in phpSmartCom 0.2 ...)
- TODO: check
+ NOT-FOR-US: phpSmartCom
CVE-2008-4350 (SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 ...)
- TODO: check
+ NOT-FOR-US: vbLOGIX Tutorial Script
CVE-2008-4349 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
- TODO: check
+ NOT-FOR-US: s0nic Paranews
CVE-2008-4348 (SQL injection vulnerability in photo.php in PHPortfolio allows remote ...)
- TODO: check
+ NOT-FOR-US: PHPortfolio
CVE-2008-4347 (SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows ...)
- TODO: check
+ NOT-FOR-US: Powie pNews
CVE-2008-4346 (Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows ...)
- TODO: check
+ NOT-FOR-US: TalkBack
CVE-2008-4345 (SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and ...)
- TODO: check
+ NOT-FOR-US: WebPortal CMS
CVE-2008-4344 (SQL injection vulnerability in cat.php in 6rbScript allows remote ...)
- TODO: check
+ NOT-FOR-US: 6rbScript
CVE-2008-4343 (The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) ...)
- TODO: check
+ NOT-FOR-US: Chilkat XML ChilkatUtil.CkData.1 ActiveX control
CVE-2008-4342 (NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX ...)
- TODO: check
+ NOT-FOR-US: ActiveX
CVE-2008-4341 (add.php in MyBlog 0.9.8 and earlier allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: MyBlog
CVE-2008-4340 (Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Google Chrome
CVE-2008-4339 (Unspecified vulnerability in the Java Administration GUI (jnbSA) in ...)
- TODO: check
+ NOT-FOR-US: Symantec Veritas NetBackup Server
CVE-2008-4338 (SQL injection vulnerability in the brilliant_gallery_checklist_save ...)
TODO: check
CVE-2008-4337 (Cross-site scripting (XSS) vulnerability in Bitweaver 2.0.2 allows ...)
- TODO: check
+ NOT-FOR-US: Bitweaver
CVE-2008-4336 (Cross-site scripting (XSS) vulnerability in album.php in Atomic Photo ...)
- TODO: check
+ NOT-FOR-US: Atomic Photo Album
CVE-2008-4335 (SQL injection vulnerability in album.php in Atomic Photo Album (APA) ...)
- TODO: check
+ NOT-FOR-US: Atomic Photo Album
CVE-2008-4334 (PHP infoBoard V.7 Plus allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: PHP infoBoard
CVE-2008-4333 (Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus ...)
- TODO: check
+ NOT-FOR-US: PHP infoBoard
CVE-2008-4332 (SQL injection vulnerability in the showjavatopic function in func.php ...)
- TODO: check
+ NOT-FOR-US: PHP infoBoard
CVE-2008-4331 (Directory traversal vulnerability in library/pagefunctions.inc.php in ...)
- TODO: check
+ NOT-FOR-US: phpOCS
CVE-2008-4330 (Directory traversal vulnerability in index.php in LanSuite 3.3.2 ...)
- TODO: check
+ NOT-FOR-US: LanSuite
CVE-2008-4329 (PHP remote file inclusion vulnerability in cms/system/openengine.php ...)
- TODO: check
+ NOT-FOR-US: openEngine
CVE-2008-4328 (SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 ...)
- TODO: check
+ NOT-FOR-US: EasyRealtorPRO
CVE-2008-4327 (gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4326 (The PMA_escapeJsString function in libraries/js_escape.lib.php in ...)
TODO: check
CVE-2008-4325 (lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the ...)
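Review bot: The tag added for CVE-2008-4342, "NOT-FOR-US: ActiveX", names a technology rather than the affected product, while the description identifies it as the NuMedia Soft NMS DVD Burning SDK ActiveX control. Suggest "NOT-FOR-US: NuMedia Soft NMS DVD Burning SDK", in line with the product-level tag given to the Chilkat control in the entry just above it, so that a later search of the list by product name finds this entry and the reason for the triage decision is visible without rereading the description.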
@@ -85,17 +85,17 @@
CVE-2008-4324 (The user interface event dispatcher in Mozilla Firefox 3.0.3 on ...)
TODO: check
CVE-2008-4323 (Windows Explorer in Microsoft Windows XP SP3 allows user-assisted ...)
- TODO: check
+ NOT-FOR-US: Windows Explorer
CVE-2008-4322 (Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4321 (Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP ...)
- TODO: check
+ NOT-FOR-US: FlashGet FTP
CVE-2008-4320 (Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before ...)
- TODO: check
+ NOT-FOR-US: OpenNMS
CVE-2008-4319 (fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 ...)
- TODO: check
+ NOT-FOR-US: Libra File Manager
CVE-2008-4318 (Observer 0.3.2.1 and earlier allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Observer
CVE-2008-4317
RESERVED
CVE-2008-4316
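Review bot: CVE-2008-4322 is tagged "NOT-FOR-US: Microsoft", but its description reads "Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin ...", so the tag names the wrong vendor. Suggest "NOT-FOR-US: RealFlex RealWin". A wrong name in a NOT-FOR-US line matters beyond tidiness: the tag is the only recorded reason the entry was closed, and anyone auditing the list by vendor or product will miss it or miscount it.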
@@ -129,19 +129,19 @@
CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before ...)
TODO: check
CVE-2008-4301 (A certain ActiveX control in iisext.dll in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4300 (A certain ActiveX control in adsiis.dll in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4299 (A certain ActiveX control in the Microsoft Internet Authentication ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4297 (Mercurial before 1.0.2 does not enforce the allowpull permission ...)
TODO: check
CVE-2008-4296 (The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its ...)
- TODO: check
+ NOT-FOR-US: Cisco Linksys WRT350N
CVE-2008-4295 (Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-4294 (IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Netcool/Webtop
CVE-2008-4293 (Unspecified vulnerability in Opera before 9.52 on Windows, when ...)
TODO: check
CVE-2008-4292 (Opera before 9.52 does not check the CRL override upon encountering a ...)
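Review bot: The tags for CVE-2008-4301, CVE-2008-4300, CVE-2008-4299 and CVE-2008-4295 give only the vendor ("NOT-FOR-US: Microsoft"), whereas the same commit tags CVE-2008-4323 by product ("NOT-FOR-US: Windows Explorer") and the neighbouring entries CVE-2008-4296 and CVE-2008-4294 by product as well. Picking one granularity for the Microsoft entries would keep the list consistent for searching; for CVE-2008-4295 in particular the description concerns Windows Mobile 6.0 on specific HTC devices, which the vendor-only tag does not convey.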
@@ -235,17 +235,17 @@
CVE-2008-4248
RESERVED
CVE-2008-4246 (Unspecified vulnerability in Denora IRC Stats Server before 1.4.1 ...)
- TODO: check
+ NOT-FOR-US: Denora IRC Stats Server
CVE-2008-4245 (The Admin Control Panel in Rianxosencabos CMS 0.9 does not require ...)
- TODO: check
+ NOT-FOR-US: Rianxosencabos CMS
CVE-2008-4244 (Rianxosencabos CMS 0.9 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: Rianxosencabos CMS
CVE-2008-4243 (Directory traversal vulnerability in ImageServer (aka UTImageServer) ...)
TODO: check
CVE-2008-4242 (ProFTPD 1.3.1 interprets long commands from an FTP client as multiple ...)
TODO: check
CVE-2008-4241 (SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: CJ Ultra Plus
CVE-2008-4240
RESERVED
CVE-2008-4239
@@ -311,19 +311,19 @@
CVE-2008-4209
RESERVED
CVE-2008-4208 (Unspecified vulnerability in OSADS Alliance Database before 2.1 has ...)
- TODO: check
+ NOT-FOR-US: OSADS Alliance Database
CVE-2008-4207 (Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php ...)
- TODO: check
+ NOT-FOR-US: Attachmax Dolphin
CVE-2008-4206 (PHP remote file inclusion vulnerability in config.php in Attachmax ...)
- TODO: check
+ NOT-FOR-US: Attachmax Dolphin
CVE-2008-4205 (SQL injection vulnerability in index.php in Attachmax Dolphin 2.1.0 ...)
- TODO: check
+ NOT-FOR-US: Attachmax Dolphin
CVE-2008-4204 (SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation ...)
- TODO: check
+ NOT-FOR-US: SoftAcid Hotel Reservation System
CVE-2008-4203 (SQL injection vulnerability in cn_users.php in CzarNews 1.20 and ...)
- TODO: check
+ NOT-FOR-US: CzarNews
CVE-2008-4202 (SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 ...)
- TODO: check
+ NOT-FOR-US: Gonafish LinksCaffePRO
CVE-2008-4200 (Opera before 9.52 does not ensure that the address field of a news ...)
TODO: check
CVE-2008-4199 (Opera before 9.52 does not prevent use of links from web pages to feed ...)
@@ -339,7 +339,7 @@
CVE-2008-4194 (The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par ...)
TODO: check
CVE-2008-4193 (Stack-based buffer overflow in SecurityGateway.dll in Alt-N ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies SecurityGateway
CVE-2008-4192 (The pserver_shutdown function in fence_egenera in cman 2.20080629 ...)
TODO: check
CVE-2008-4191 (extract-table.pl in Emacspeak 26 and 28 allows local users to ...)