[Secure-testing-commits] r13631 - data/CVE
Steffen Joeris
white at alioth.debian.org
Wed Dec 23 11:00:33 UTC 2009
Author: white
Date: 2009-12-23 11:00:32 +0000 (Wed, 23 Dec 2009)
New Revision: 13631
Modified:
data/CVE/list
Log:
Mark all 3 new XSS issues for drupal6 accordingly
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-23 10:37:34 UTC (rev 13630)
+++ data/CVE/list 2009-12-23 11:00:32 UTC (rev 13631)
@@ -73,11 +73,15 @@
CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...)
NOT-FOR-US: AlienVault Open Source Security Information Management
CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...)
- - drupal6 <unfixed> (low)
+ - drupal6 <unfixed> (low; bug #562165)
+ [lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...)
- TODO: check
+ - drupal6 <unfixed> (low; bug #562165)
+ [lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...)
- TODO: check
+ - drupal6 <unfixed> (low; bug #562165)
+ [lenny] - drupal6 <no-dsa> (Minor issue, requires auth)
+ - drupal5 <unfixed> (low)
CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...)
NOT-FOR-US: Centreon
CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") ...)
More information about the Secure-testing-commits
mailing list