[Secure-testing-commits] r11465 - data/CVE
kees at alioth.debian.org
Mon Mar 23 21:47:42 UTC 2009
Author: kees
Date: 2009-03-23 21:47:41 +0000 (Mon, 23 Mar 2009)
New Revision: 11465
Modified:
data/CVE/list
Log:
NFUs: 41
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-03-23 21:14:12 UTC (rev 11464)
+++ data/CVE/list 2009-03-23 21:47:41 UTC (rev 11465)
@@ -1,17 +1,17 @@
CVE-2009-1040 (Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote ...)
NOT-FOR-US: WinAsm
CVE-2009-1039 (Buffer overflow in CDex 1.70b2 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: CDex
CVE-2009-1038 (Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote ...)
NOT-FOR-US: YAP Blog
CVE-2009-1037 (Unspecified vulnerability in the Send by e-mail module in the ...)
- TODO: check
+ NOT-FOR-US: Send by e-mail module for Drupal
CVE-2009-1036 (Cross-site request forgery (CSRF) vulnerability in the Plus 1 module ...)
- TODO: check
+ NOT-FOR-US: Plus 1 module for Drupal
CVE-2009-1035 (Cross-site scripting (XSS) vulnerability in Tasklist module 5.x-1.x ...)
- TODO: check
+ NOT-FOR-US: Tasklist module for Drupal
CVE-2009-1034 (SQL injection vulnerability in the Tasklist module 5.x-1.x before ...)
- TODO: check
+ NOT-FOR-US: Tasklist module for Drupal
CVE-2009-1033 (SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier ...)
NOT-FOR-US: DeluxeBB
CVE-2009-1032 (SQL injection vulnerability in gallery_list.php in YABSoft Advanced ...)
@@ -21,21 +21,21 @@
CVE-2009-1030 (Cross-site scripting (XSS) vulnerability in the choose_primary_blog ...)
- wordpress-mu <itp> (bug #399756)
CVE-2009-1029 (Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: POP Peeper
CVE-2009-1028 (Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: ediSys eZip Wizard
CVE-2009-1027 (SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: OpenCart
CVE-2009-1026 (Multiple SQL injection vulnerabilities in login.php in Kim Websites ...)
- TODO: check
+ NOT-FOR-US: Kim Websites
CVE-2009-1025 (PHP remote file inclusion vulnerability in linkadmin.php in Beerwin ...)
- TODO: check
+ NOT-FOR-US: Beerwin PHPLinkAdmin
CVE-2009-1024 (Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 ...)
- TODO: check
+ NOT-FOR-US: Beerwin PHPLinkAdmin
CVE-2009-1023 (SQL injection vulnerability in index.php in phpComasy 0.9.1 allows ...)
- TODO: check
+ NOT-FOR-US: phpComasy
CVE-2009-1022 (Heap-based buffer overflow in the Preview/ Set Segment function in ...)
- TODO: check
+ NOT-FOR-US: Gretech GOMlab GOM Encoder
CVE-2009-1021
RESERVED
CVE-2009-1020
@@ -137,49 +137,49 @@
CVE-2009-0972
RESERVED
CVE-2008-6503 (Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2008-6502 (Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows ...)
- TODO: check
+ NOT-FOR-US: Pro Chat Rooms
CVE-2008-6501 (Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro ...)
- TODO: check
+ NOT-FOR-US: Pro Chat Rooms
CVE-2008-6500 (Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart ...)
- TODO: check
+ NOT-FOR-US: CodeToad ASP Shopping Cart Script
CVE-2008-6499 (security/xamppsecurity.php in XAMPP 1.6.8 performs an extract ...)
- TODO: check
+ NOT-FOR-US: XAMPP
CVE-2008-6498 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: XAMPP
CVE-2008-6497 (The Neostrada Livebox ADSL Router allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Neostrada Livebox ADSL Router
CVE-2008-6496 (Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX ...)
- TODO: check
+ NOT-FOR-US: VSPDFEditorX.ocx
CVE-2008-6495 (Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger ...)
- TODO: check
+ NOT-FOR-US: Fritz Berger yet another php photo album - next generation
CVE-2008-6494 (ASP User Engine.NET stores sensitive information under the web root ...)
- TODO: check
+ NOT-FOR-US: ASP User Engine.NET
CVE-2008-6493 (Easy Content Management Publishing stores sensitive information under ...)
- TODO: check
+ NOT-FOR-US: Easy Content Management Publishing
CVE-2008-6492 (Unrestricted file upload vulnerability in process.php in Tizag ...)
- TODO: check
+ NOT-FOR-US: Tizag Countdown Creator
CVE-2009-0971 (Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access ...)
- TODO: check
+ NOT-FOR-US: futomi's CGI Cafe Access Analyzer CGI Standard Version
CVE-2009-0970 (PHP remote file inclusion vulnerability in includes/class_image.php in ...)
- TODO: check
+ NOT-FOR-US: PHP Pro Bid
CVE-2009-0969 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: phpFoX
CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 ...)
- TODO: check
+ NOT-FOR-US: fMoblog plugin for WordPress
CVE-2009-0967 (The FTP server in Serv-U 7.4.0.1 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Serv-U
CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft Mega ...)
NOT-FOR-US: YABSoft Mega File Hosting
CVE-2009-0965 (SQL injection vulnerability in functions/browse.php in Ganesha Digital ...)
- TODO: check
+ NOT-FOR-US: Ganesha Digital Library
CVE-2009-0964 (UserView_list.php in PHPRunner 4.2, and possibly earlier, stores ...)
NOT-FOR-US: PHPRunner
CVE-2009-0963 (Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly ...)
NOT-FOR-US: PHPRunner
CVE-2009-0962 (Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI ...)
- TODO: check
+ NOT-FOR-US: Futomi's CGI Cafe MP Form Mail CGI eCommerce
CVE-2009-0961
RESERVED
CVE-2009-0960
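Review bot: The NOT-FOR-US tags in this hunk are not named consistently, which makes a later search of the list by product or vendor miss entries. CVE-2008-6496 is tagged with a file name (VSPDFEditorX.ocx) where its description names the VSPDFEditorX.VSPDFEdit ActiveX control, and the two CGI Cafe entries differ in case (futomi's for CVE-2009-0971, Futomi's for CVE-2009-0962). Suggest tagging CVE-2008-6496 with the product name as the description gives it and settling on one spelling for the vendor. For CVE-2008-6498 and CVE-2009-0969 the visible description is cut off before the product, so the XAMPP and phpFoX tags cannot be checked against these lines and are worth a second look against the full entries.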
@@ -227,11 +227,11 @@
CVE-2008-6491 (PHP remote file inclusion vulnerability in connexion.php in PHPGKit ...)
NOT-FOR-US: PHPGKit
CVE-2008-6490 (function/update_xml.php in FLABER 1.1 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: FLABER
CVE-2008-6489 (SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for ...)
NOT-FOR-US: MyAlbum component (com_myalbum) for Joomla!
CVE-2008-6488 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...)
- TODO: check
+ NOT-FOR-US: SoftComplex PHP Image Gallery
CVE-2008-6487 (Multiple SQL injection vulnerabilities in login.asp in Digiappz ...)
NOT-FOR-US: Digiappz DigiAffiliate
CVE-2008-6486 (PHP remote file inclusion vulnerability in ...)
@@ -261,7 +261,7 @@
- ejabberd <unfixed> (bug #520852)
TODO: check version in old/stable
CVE-2009-0933 (Cross-site scripting (XSS) vulnerability in the administrative ...)
- TODO: check
+ NOT-FOR-US: Dotclear
CVE-2009-0932 (Directory traversal vulnerability in framework/Image/Image.php in ...)
TODO: check
CVE-2009-0931 (Cross-site scripting (XSS) vulnerability in the tag cloud search ...)
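Review bot: For CVE-2009-0933 the truncated description ("... in the administrative ...") does not name the product, so the Dotclear tag cannot be confirmed from this hunk. NOT-FOR-US records that the software is not in the archive, and the entry directly below (CVE-2009-0932) is still at TODO: check, so it would help to confirm with a package search that Dotclear is not packaged before closing this one, and to say so in the commit log.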
@@ -269,19 +269,19 @@
CVE-2009-0930 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...)
TODO: check
CVE-2009-0929 (Directory traversal vulnerability in the media manager in Nucleus CMS ...)
- TODO: check
+ NOT-FOR-US: Nucleus CMS
CVE-2009-0928
RESERVED
CVE-2009-0927 (Unspecified vulnerability in Adobe Reader and Adobe Acrobat 9.1 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader and Adobe Acrobat
CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun ...)
- TODO: check
+ NOT-FOR-US: Sun OpenSolaris
CVE-2009-0925 (Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2009-0924 (Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, ...)
- TODO: check
+ NOT-FOR-US: Sun OpenSolaris
CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows ...)
TODO: check
CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...)
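Review bot: CVE-2009-0923 is tagged plain "Solaris" while the entries above it use "Sun OpenSolaris" and "Sun Solaris"; suggest the same vendor-prefixed form so that a search for one name finds all of them. The visible description for that entry mentions Kerberos Incremental Propagation and is cut off before the product, so a short NOTE line stating that the affected code is the Solaris implementation would save a later reader from re-checking it against packaged Kerberos.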