[Secure-testing-commits] r11797 - data/CVE

Kees Cook kees at alioth.debian.org
Tue May 5 18:59:31 UTC 2009 

Author: kees
Date: 2009-05-05 18:59:31 +0000 (Tue, 05 May 2009)
New Revision: 11797

Modified:
   data/CVE/list
Log:
NFUs: 22

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-05-05 17:46:41 UTC (rev 11796)
+++ data/CVE/list	2009-05-05 18:59:31 UTC (rev 11797)
@@ -1,3 +1,21 @@
+CVE-2009-1519
+	NOT-FOR-US: Pecio CMS
+CVE-2009-1518
+	NOT-FOR-US: Beltane
+CVE-2009-1517
+	NOT-FOR-US: ActiveX
+CVE-2009-1516
+	NOT-FOR-US: ActiveX
+CVE-2009-1514
+	NOT-FOR-US: Google Chrome
+CVE-2008-6791
+	NOT-FOR-US: PumpKIN TFTP Server
+CVE-2008-6790
+	NOT-FOR-US: MindDezign Photo Gallery
+CVE-2008-6789
+	NOT-FOR-US: MindDezign Photo Gallery
+CVE-2008-6788
+	NOT-FOR-US: MindDezign Photo Gallery
 CVE-2009-XXXX [xvfb insecure passing of magic cookie]
 	- xorg-server <unfixed> (low; bug #526678)
 	[etch] - xorg-server <no-dsa> (minor issue)
@@ -53,31 +71,31 @@
 CVE-2009-1495 (Web File Explorer 3.1 stores sensitive information under the web root ...)
 	NOT-FOR-US: Web File Explorer
 CVE-2008-6787 (SQL injection vulnerability in administrator/index.php in Lizardware ...)
-	TODO: check
+	NOT-FOR-US: Lizardware CMS
 CVE-2008-6786 (Multiple directory traversal vulnerabilities in geekigeeki.py in ...)
-	TODO: check
+	NOT-FOR-US: GeekiGeeki
 CVE-2008-6785 (Unrestricted file upload vulnerability in Mini File Host 1.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Mini File Host
 CVE-2008-6784 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
-	TODO: check
+	NOT-FOR-US: EZ Adult Directory
 CVE-2008-6783 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
-	TODO: check
+	NOT-FOR-US: EZ Home Business Directory
 CVE-2008-6782 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
-	TODO: check
+	NOT-FOR-US: EZ Hosting Directory
 CVE-2008-6781 (SQL injection vulnerability in directory.php in Sites for Scripts ...)
-	TODO: check
+	NOT-FOR-US: Gaming Directory
 CVE-2008-6780 (SQL injection vulnerability in directory.php in Scripts for Sites ...)
-	TODO: check
+	NOT-FOR-US: EZ Affiliate
 CVE-2008-6779 (SQL injection vulnerability in the Sarkilar module for PHP-Nuke allows ...)
-	TODO: check
+	NOT-FOR-US: PHP-Nuke
 CVE-2008-6778 (SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) ...)
-	TODO: check
+	NOT-FOR-US: EZ Auction
 CVE-2008-6777 (Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier ...)
-	TODO: check
+	NOT-FOR-US: MyPHP Forum
 CVE-2008-6776 (SQL injection vulnerability in viewcomments.php in Scripts For Sites ...)
-	TODO: check
+	NOT-FOR-US: EZ Hot or Not
 CVE-2008-6775 (HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: HTC Touch
 CVE-2009-XXXX [jetty: Vulnerability in ResourceHandler and DefaultServlet with aliases]
 	- jetty <unfixed>
 	NOTE: http://jira.codehaus.org/browse/JETTY-1004

More information about the Secure-testing-commits mailing list