[Secure-testing-commits] r9873 - data/CVE

stef-guest at alioth.debian.org stef-guest at alioth.debian.org
Tue Sep 23 21:44:55 UTC 2008 

Author: stef-guest
Date: 2008-09-23 21:44:54 +0000 (Tue, 23 Sep 2008)
New Revision: 9873

Modified:
   data/CVE/list
Log:
flash clipboard issue does not affect gnash and swfdec
some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-09-23 21:14:10 UTC (rev 9872)
+++ data/CVE/list	2008-09-23 21:44:54 UTC (rev 9873)
@@ -1,25 +1,25 @@
 CVE-2008-4189 (Buffer overflow in the printer sharing services in the Samba code in ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2008-4188 (Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) ...)
-	TODO: check
+	NOT-FOR-US: kw_secdir extension for TYPO3
 CVE-2008-4187 (Directory traversal vulnerability in index.php in ProActive CMS allows ...)
-	TODO: check
+	NOT-FOR-US: ProActive CMS
 CVE-2008-4186 (SQL injection vulnerability in index.php in webCMS Portal Edition ...)
-	TODO: check
+	NOT-FOR-US: webCMS Portal Edition
 CVE-2008-4185 (SQL injection vulnerability in index.php in webCMS Portal Edition ...)
-	TODO: check
+	NOT-FOR-US: webCMS Portal Edition
 CVE-2008-4184 (Cross-site scripting (XSS) vulnerability in index.php in webCMS Portal ...)
-	TODO: check
+	NOT-FOR-US: webCMS Portal Edition
 CVE-2008-4183 (IntegraMOD 1.4.x stores sensitive information under the web root with ...)
-	TODO: check
+	NOT-FOR-US: IntegraMOD
 CVE-2008-4182 (Cross-site scripting (XSS) vulnerability in imp/test.php in Horde ...)
 	TODO: check
 CVE-2008-4181 (Directory traversal vulnerability in includes/xml.php in the Netenberg ...)
-	TODO: check
+	NOT-FOR-US: Netenberg Fantastico De Luxe module for cPanel
 CVE-2008-4180 (Unspecified vulnerability in db.php in NooMS 1.1 allows remote ...)
-	TODO: check
+	NOT-FOR-US: NooMS
 CVE-2008-4179 (Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow ...)
-	TODO: check
+	NOT-FOR-US: NooMS
 CVE-2008-4178 (SQL injection vulnerability in tr.php in DownlineGoldmine Special ...)
 	TODO: check
 CVE-2008-4177 (SQL injection vulnerability in search.php in Pre Real Estate Listings ...)
@@ -681,7 +681,8 @@
 CVE-2008-3874 (Cross-site scripting (XSS) vulnerability in account.php in Lussumo ...)
 	NOT-FOR-US: Lussumo Vanilla
 CVE-2008-3873 (The System.setClipboard method in Adobe Flash Player allows remote ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash Player
+	NOTE: System.setClipboard is not implemented (yet?) in gnash 0.8.3 and swfdec0.6 0.6.8
 CVE-2008-3872
 	RESERVED
 CVE-2008-3871

More information about the Secure-testing-commits mailing list