[Secure-testing-commits] r11142 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Wed Feb 4 21:45:48 UTC 2009
Author: white
Date: 2009-02-04 21:45:47 +0000 (Wed, 04 Feb 2009)
New Revision: 11142
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-04 21:14:35 UTC (rev 11141)
+++ data/CVE/list 2009-02-04 21:45:47 UTC (rev 11142)
@@ -1,59 +1,59 @@
CVE-2009-0417
RESERVED
CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards Based ...)
- TODO: check
+ NOT-FOR-US: sblim-sfcb
CVE-2009-0415 (Untrusted search path vulnerability in trickle 1.07 allows local users ...)
TODO: check
CVE-2009-0413 (Cross-site scripting (XSS) vulnerability in RoundCube Webmail ...)
TODO: check
CVE-2009-0412 (The ProcessLogin function in class.auth.php in Interspire Shopping ...)
- TODO: check
+ NOT-FOR-US: Interspire Shopping Cart
CVE-2009-0411 (Google Chrome before 1.0.154.46 does not properly restrict access from ...)
- TODO: check
+ NOT-FOR-US: Google Chrome
CVE-2009-0410 (Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2009-0409 (SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and ...)
- TODO: check
+ NOT-FOR-US: Max.Blog
CVE-2009-0408 (Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC ...)
- TODO: check
+ NOT-FOR-US: osCommerce
CVE-2009-0407 (SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 ...)
- TODO: check
+ NOT-FOR-US: PHP-CMS
CVE-2009-0406 (SQL injection vulnerability in index.php in Community CMS 0.4 and ...)
- TODO: check
+ NOT-FOR-US: Community CMS
CVE-2009-0405 (SQL injection vulnerability in articles.php in smartSite CMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: smartSite CMS
CVE-2009-0404 (Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics ...)
- TODO: check
+ NOT-FOR-US: Bioinformatics htmLawed
CVE-2009-0403 (SQL injection vulnerability in admin/authenticate.php in Chipmunk ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Blogger Script
CVE-2009-0402 (SQL injection vulnerability in client/new_account.php in Domain ...)
- TODO: check
+ NOT-FOR-US: Domain Technologie Control
CVE-2009-0401 (SQL injection vulnerability in browsecats.php in E-Php CMS allows ...)
- TODO: check
+ NOT-FOR-US: E-Php CMS
CVE-2009-0400 (SQL injection vulnerability in blog.php in SocialEngine 3.06 trial ...)
- TODO: check
+ NOT-FOR-US: SocialEngine
CVE-2009-0399 (Chipmunk Blogger Script allows remote attackers to gain administrator ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Blogger Script
CVE-2009-0398 (Array index error in the gst_qtp_trak_handler function in ...)
TODO: check
CVE-2009-0397 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
TODO: check
CVE-2009-0396 (The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, ...)
- TODO: check
+ NOT-FOR-US: Sony Ericsson
CVE-2009-0395 (SQL injection vulnerability in the login feature in NetArt Media Car ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Car Portal
CVE-2009-0394 (SQL injection vulnerability in login.php in Pre Lecture Exercises ...)
- TODO: check
+ NOT-FOR-US: Pre Lecture Exercises
CVE-2009-0393 (Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola ...)
- TODO: check
+ NOT-FOR-US: Motorola Wimax
CVE-2009-0392 (Directory traversal vulnerability in sysconf.cgi in Motorola Wimax ...)
- TODO: check
+ NOT-FOR-US: Motorola Wimax
CVE-2009-0391 (Unspecified vulnerability in IBM WebSphere Application Server (WAS) ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform ...)
- TODO: check
+ NOT-FOR-US: Enomaly Elastic Computing Platform
CVE-2009-0389 (Multiple insecure method vulnerabilities in the Web On Windows (WOW) ...)
- TODO: check
+ NOT-FOR-US: ActiveX
CVE-2009-0388
RESERVED
CVE-2009-0387 (Array index error in the qtdemux_parse_samples function in ...)
@@ -61,117 +61,117 @@
CVE-2009-0386 (Heap-based buffer overflow in the qtdemux_parse_samples function in ...)
TODO: check
CVE-2009-0384 (SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows ...)
- TODO: check
+ NOT-FOR-US: OwnRS CMS
CVE-2009-0383 (delete.php in Max.Blog 1.0.6 does not properly restrict access, which ...)
- TODO: check
+ NOT-FOR-US: Max.Blog
CVE-2009-0382 (Unspecified vulnerability in Internationalization (i18n) Translation ...)
TODO: check
CVE-2009-0381 (SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping ...)
- TODO: check
+ NOT-FOR-US: BazaarBuilder Ecommerce Shopping Cart
CVE-2009-0380 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Sigsiu Online Business Index
CVE-2009-0379 (SQL injection vulnerability in the Prince Clan Chess Club ...)
- TODO: check
+ NOT-FOR-US: Prince Clan Chess Club
CVE-2009-0378 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2009-0377 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2009-0376
RESERVED
CVE-2009-0375
RESERVED
CVE-2009-0374 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Google Chrome
CVE-2009-0373 (SQL injection vulnerability in the ElearningForce Flash Magazine ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2009-0372 (Unrestricted file upload vulnerability in index.php in Miltenovik ...)
- TODO: check
+ NOT-FOR-US: Miltenovik Manojlo MemHT Portal
CVE-2009-0371 (Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and ...)
- TODO: check
+ NOT-FOR-US: SiteXS CMS
CVE-2009-0370 (Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2009-0369 (Microsoft Internet Explorer 7 allows remote attackers to trick a user ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-6045 (Session fixation vulnerability in xt:Commerce 3.0.4 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: xt:Commerce
CVE-2008-6044 (Cross-site scripting (XSS) vulnerability in advanced_search_result.php ...)
- TODO: check
+ NOT-FOR-US: xt:Commerce
CVE-2008-6043 (Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow ...)
- TODO: check
+ NOT-FOR-US: PHP Pro Bid
CVE-2008-6042 (SQL injection vulnerability in the re_search module in NetArtMedia ...)
- TODO: check
+ NOT-FOR-US: NetArtMedia Real Estate Portal
CVE-2008-6041 (Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in ...)
- TODO: check
+ NOT-FOR-US: Dataspade
CVE-2008-6040 (SQL injection vulnerability in index.php in Arcadem Pro 2.700 through ...)
- TODO: check
+ NOT-FOR-US: Arcadem Pro
CVE-2008-6039 (Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: BLUEPAGE CMS
CVE-2008-6038 (SQL injection vulnerability in index.php in MapCal 0.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: MapCal
CVE-2008-6037 (SQL injection vulnerability in view.php in AvailScript Article Script ...)
- TODO: check
+ NOT-FOR-US: AvailScript Article Script
CVE-2008-6036 (PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder ...)
- TODO: check
+ NOT-FOR-US: BaseBuilder
CVE-2008-6035 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...)
- TODO: check
+ NOT-FOR-US: Achievo
CVE-2008-6034 (Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo ...)
- TODO: check
+ NOT-FOR-US: Achievo
CVE-2008-6033 (SQL injection vulnerability in comments.php in WSN Links 2.20 allows ...)
- TODO: check
+ NOT-FOR-US: WSN Links
CVE-2008-6032 (SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P ...)
- TODO: check
+ NOT-FOR-US: WSN Links
CVE-2008-6031 (SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 ...)
- TODO: check
+ NOT-FOR-US: WSN Links
CVE-2008-6030 (Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 ...)
- TODO: check
+ NOT-FOR-US: NetArtMedia Jobs Portal
CVE-2008-6029 (SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and ...)
- TODO: check
+ NOT-FOR-US: BuzzyWall
CVE-2008-6028 (SQL injection vulnerability in list.php in University of Queensland ...)
- TODO: check
+ NOT-FOR-US: Library Fez
CVE-2008-6027 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: BLUEPAGE CMS
CVE-2008-6026 (SQL injection vulnerability in tienda.php in BlueCUBE CMS allows ...)
- TODO: check
+ NOT-FOR-US: BlueCUBE CMS
CVE-2008-6025 (Directory traversal vulnerability in scr/form.php in openElec 3.01 and ...)
- TODO: check
+ NOT-FOR-US: openElec
CVE-2008-6024 (Unspecified vulnerability in the NFSv4 client module in the kernel on ...)
TODO: check
CVE-2008-6023 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Xnova
CVE-2008-6022 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Xnova
CVE-2008-6021 (Multiple unspecified vulnerabilities in Attachmate Reflection for ...)
- TODO: check
+ NOT-FOR-US: Attachmate Reflection
CVE-2008-6020 (SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for ...)
TODO: check
CVE-2008-6019 (SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows ...)
- TODO: check
+ NOT-FOR-US: EACOMM DO-CMS
CVE-2008-6018 (Directory traversal vulnerability in index.php in MyPHPSite, when ...)
- TODO: check
+ NOT-FOR-US: MyPHPSite
CVE-2008-6017 (SQL injection vulnerability in messages.php in I-Rater Basic allows ...)
- TODO: check
+ NOT-FOR-US: I-Rater Basic
CVE-2008-6016 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...)
- TODO: check
+ NOT-FOR-US: EsFaq
CVE-2008-6015 (Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 ...)
- TODO: check
+ NOT-FOR-US: EsFaq
CVE-2008-6014 (SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS ...)
- TODO: check
+ NOT-FOR-US: Rianxosencabos CMS
CVE-2008-6013 (Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 ...)
- TODO: check
+ NOT-FOR-US: Freeway
CVE-2008-6012 (Directory traversal vulnerability in index.php in Pritlog 0.4 and ...)
- TODO: check
+ NOT-FOR-US: Pritlog
CVE-2008-6011 (SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 ...)
- TODO: check
+ NOT-FOR-US: SG Real Estate Portal
CVE-2008-6010 (Multiple directory traversal vulnerabilities in SG Real Estate Portal ...)
- TODO: check
+ NOT-FOR-US: SG Real Estate Portal
CVE-2008-6009 (SG Real Estate Portal 2.0 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: SG Real Estate Portal
CVE-2008-6008 (hyBook Guestbook Script stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: hyBook Guestbook Script
CVE-2008-6007 (SQL injection vulnerability in view_group.php in QuidaScript BookMarks ...)
- TODO: check
+ NOT-FOR-US: QuidaScript BookMarks Favourites Script
CVE-2008-6006 (Multiple PHP remote file inclusion vulnerabilities in Micronation ...)
- TODO: check
+ NOT-FOR-US: Micronation Banking System
CVE-2009-XXXX [mahara: XSS in forum posts]
- mahara 1.0.9-1 (low)
[lenny] - mahara 1.0.4-4
More information about the Secure-testing-commits
mailing list