[Secure-testing-commits] r10170 - data/CVE

fw at alioth.debian.org fw at alioth.debian.org
Sun Oct 26 22:56:30 UTC 2008


Author: fw
Date: 2008-10-26 22:56:29 +0000 (Sun, 26 Oct 2008)
New Revision: 10170

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-4639: jhead

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-26 21:14:14 UTC (rev 10169)
+++ data/CVE/list	2008-10-26 22:56:29 UTC (rev 10170)
@@ -159,7 +159,7 @@
 CVE-2008-4665 (SQL injection vulnerability in PG Matchmaking allows remote attackers ...)
 	TODO: check
 CVE-2008-4664 (Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: QvodInsert
 CVE-2008-4663 (Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used ...)
 	TODO: check
 CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when ...)
@@ -187,11 +187,11 @@
 CVE-2008-4650 (SQL injection vulnerability in viewevent.php in myEvent 1.6 allows ...)
 	TODO: check
 CVE-2008-4649 (Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 ...)
-	TODO: check
+	NOT-FOR-US: Elxis
 CVE-2008-4648 (Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS ...)
-	TODO: check
+	NOT-FOR-US: Elxis
 CVE-2008-4647 (SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows ...)
-	TODO: check
+	NOT-FOR-US: sweetCMS
 CVE-2008-4646 (The Websense Reporter Module in Websense Enterprise 6.3.2 stores the ...)
 	NOT-FOR-US: Websense Enterprise
 CVE-2008-4645 (plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier ...)
@@ -207,7 +207,7 @@
 CVE-2008-4640 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and ...)
 	TODO: check
 CVE-2008-4639 (jhead.c in Matthias Wandel jhead before 2.84 allows local users to ...)
-	TODO: check
+	- jhead 2.84-1 (low)
 CVE-2008-4638 (qioadmin in the Quick I/O for Database feature in Symantec Veritas ...)
 	NOT-FOR-US: Symantec VxFS
 CVE-2008-4637 (Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 ...)




More information about the Secure-testing-commits mailing list