[Secure-testing-commits] r12643 - data/CVE

Nico Golde nion at alioth.debian.org
Wed Aug 19 23:15:10 UTC 2009


Author: nion
Date: 2009-08-19 23:15:10 +0000 (Wed, 19 Aug 2009)
New Revision: 12643

Modified:
   data/CVE/list
Log:
- new/old squid issue (CVE-2009-2855)
- CVE-2009-285{1,3,4} fixed in wordpress 2.8.3-1
- NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-19 22:54:00 UTC (rev 12642)
+++ data/CVE/list	2009-08-19 23:15:10 UTC (rev 12643)
@@ -1,17 +1,17 @@
 CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding ...)
-	TODO: check
+	NOT-FOR-US: Sun Virtual Desktop Infrastructure
 CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...)
-	TODO: check
+	- squid <unfixed> (low; bug #534982)
 CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain ...)
-	TODO: check
+	- wordpress 2.8.3-1
 CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain privileges via ...)
-	TODO: check
+	- wordpress 2.8.3-1
 CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with ...)
-	TODO: check
+	NOT-FOR-US: WP-Syntax plugin
 CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator ...)
-	TODO: check
+	- wordpress 2.8.3-1 (low)
 CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow ...)
-	TODO: check
+	NOT-FOR-US: NASA Common Data Format
 CVE-2009-2845
 	REJECTED
 	TODO: check
@@ -159,33 +159,33 @@
 CVE-2009-2793
 	RESERVED
 CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in ...)
-	TODO: check
+	NOT-FOR-US: Really Simple CMS
 CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in ...)
-	TODO: check
+	NOT-FOR-US: WebDynamite ProjectButler
 CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz Dating ...)
-	TODO: check
+	NOT-FOR-US: SoftBiz Dating
 CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component 1.0 ...)
-	TODO: check
+	NOT-FOR-US: com_groups component for Joomla!
 CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow ...)
-	TODO: check
+	NOT-FOR-US: Mobilelib GOLD
 CVE-2009-2787 (Directory traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Reputation plugin for PunBB
 CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation plugin ...)
-	TODO: check
+	NOT-FOR-US: Reputation plugin for PunBB
 CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open ...)
-	TODO: check
+	NOT-FOR-US: PHP Open Classifieds Script
 CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3, when ...)
-	TODO: check
+	NOT-FOR-US: dit.cms
 CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 ...)
-	TODO: check
+	NOT-FOR-US: XOOPS
 CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion) component for ...)
-	TODO: check
+	NOT-FOR-US: com_jfusion component for Joomla!
 CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x, when ...)
-	TODO: check
+	NOT-FOR-US: Arab Portal
 CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds ...)
-	TODO: check
+	NOT-FOR-US: 68 Classifieds
 CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...)
-	TODO: check
+	NOT-FOR-US: AJ Matrix DNA
 CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...)
 	TODO: check
 CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)




More information about the Secure-testing-commits mailing list