[Secure-testing-commits] r11797 - data/CVE
Kees Cook
kees at alioth.debian.org
Tue May 5 18:59:31 UTC 2009
Author: kees
Date: 2009-05-05 18:59:31 +0000 (Tue, 05 May 2009)
New Revision: 11797
Modified:
data/CVE/list
Log:
NFUs: 22
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-05 17:46:41 UTC (rev 11796)
+++ data/CVE/list 2009-05-05 18:59:31 UTC (rev 11797)
@@ -1,3 +1,21 @@
+CVE-2009-1519
+ NOT-FOR-US: Pecio CMS
+CVE-2009-1518
+ NOT-FOR-US: Beltane
+CVE-2009-1517
+ NOT-FOR-US: ActiveX
+CVE-2009-1516
+ NOT-FOR-US: ActiveX
+CVE-2009-1514
+ NOT-FOR-US: Google Chrome
+CVE-2008-6791
+ NOT-FOR-US: PumpKIN TFTP Server
+CVE-2008-6790
+ NOT-FOR-US: MindDezign Photo Gallery
+CVE-2008-6789
+ NOT-FOR-US: MindDezign Photo Gallery
+CVE-2008-6788
+ NOT-FOR-US: MindDezign Photo Gallery
CVE-2009-XXXX [xvfb insecure passing of magic cookie]
- xorg-server <unfixed> (low; bug #526678)
[etch] - xorg-server <no-dsa> (minor issue)
@@ -53,31 +71,31 @@
CVE-2009-1495 (Web File Explorer 3.1 stores sensitive information under the web root ...)
NOT-FOR-US: Web File Explorer
CVE-2008-6787 (SQL injection vulnerability in administrator/index.php in Lizardware ...)
- TODO: check
+ NOT-FOR-US: Lizardware CMS
CVE-2008-6786 (Multiple directory traversal vulnerabilities in geekigeeki.py in ...)
- TODO: check
+ NOT-FOR-US: GeekiGeeki
CVE-2008-6785 (Unrestricted file upload vulnerability in Mini File Host 1.5 allows ...)
- TODO: check
+ NOT-FOR-US: Mini File Host
CVE-2008-6784 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
- TODO: check
+ NOT-FOR-US: EZ Adult Directory
CVE-2008-6783 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
- TODO: check
+ NOT-FOR-US: EZ Home Business Directory
CVE-2008-6782 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
- TODO: check
+ NOT-FOR-US: EZ Hosting Directory
CVE-2008-6781 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
- TODO: check
+ NOT-FOR-US: Gaming Directory
CVE-2008-6780 (SQL injection vulnerability in directory.php in Scripts for Sites ...)
- TODO: check
+ NOT-FOR-US: EZ Affiliate
CVE-2008-6779 (SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows ...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2008-6778 (SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) ...)
- TODO: check
+ NOT-FOR-US: EZ Auction
CVE-2008-6777 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
- TODO: check
+ NOT-FOR-US: MyPHP Forum
CVE-2008-6776 (SQL injection vulnerability in viewcomments.php in Scripts For Sites ...)
- TODO: check
+ NOT-FOR-US: EZ Hot or Not
CVE-2008-6775 (HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: HTC Touch
CVE-2009-XXXX [jetty: Vulnerability in ResourceHandler and DefaultServlet with aliases]
- jetty <unfixed>
NOTE: http://jira.codehaus.org/browse/JETTY-1004
More information about the Secure-testing-commits
mailing list