[Secure-testing-commits] r11886 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Wed May 13 08:26:30 UTC 2009
Author: derevko-guest
Date: 2009-05-13 08:26:30 +0000 (Wed, 13 May 2009)
New Revision: 11886
Modified:
data/CVE/list
Log:
NFUs
CVE-2009-1603: opensc issue got a CVE id
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-13 01:02:35 UTC (rev 11885)
+++ data/CVE/list 2009-05-13 08:26:30 UTC (rev 11886)
@@ -1,31 +1,34 @@
CVE-2009-1616 (Cross-site scripting (XSS) vulnerability in docs/showdoc.php in ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery
CVE-2009-1615 (Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Leap CMS
CVE-2009-1614 (Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 ...)
- TODO: check
+ NOT-FOR-US: Leap CMS
CVE-2009-1613 (Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, ...)
- TODO: check
+ NOT-FOR-US: Leap CMS
CVE-2009-1612 (Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control ...)
NOT-FOR-US: ActiveX
CVE-2009-1611 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows ...)
NOT-FOR-US: ElectraSoft 32bit FTP
CVE-2009-1610 (admin/changepassword.php in Job Script Job Board Software 2.0 allows ...)
- TODO: check
+ NOT-FOR-US: Job Script Job Board Software
CVE-2009-1609 (Unrestricted file upload vulnerability in admin/uploadform.asp in ...)
- TODO: check
+ NOT-FOR-US: Battle Blog
CVE-2009-1608 (Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly ...)
- TODO: check
+ NOT-FOR-US: Microchip MPLAB IDE
CVE-2009-1607 (Cross-site scripting (XSS) vulnerability in the administrator panel in ...)
- TODO: check
+ NOT-FOR-US: LinkBase
CVE-2009-1606 (Multiple stack-based and heap-based buffer overflows in Dafolo ...)
- TODO: check
+ NOT-FOR-US: Dafolo DafoloControl ActiveX
CVE-2009-1605 (Heap-based buffer overflow in the loadexponentialfunc function in ...)
- TODO: check
+ NOT-FOR-US: MuPDF
CVE-2009-1604 (Unspecified vulnerability in LimeSurvey before 1.82 allows remote ...)
NOT-FOR-US: LimeSurvey
CVE-2009-1603 (src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used ...)
- TODO: check
+ - opensc 0.11.8 (high; bug #527640)
+ [etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ [lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
+ NOTE: checked code, public exponent set correctly in etch/lenny versions (CK_BYTE publicExponent[] = { 3 };)
CVE-2009-1602 (Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote ...)
NOT-FOR-US: Pablo Software
CVE-2009-1601 (The Ubuntu clamav-milter.init script in clamav-milter before ...)
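Review bot: the new CVE-2009-1603 entry justifies <not-affected> for etch and lenny only by quoting "CK_BYTE publicExponent[] = { 3 };" in the NOTE, without naming the package versions that were checked, so the claim is hard to re-verify later. Consider extending the NOTE with the etch and lenny opensc version numbers that were inspected. As a style point, the ten "TODO: check" to NOT-FOR-US changes earlier in this hunk are unrelated to the opensc change and would be easier to audit as a separate commit, matching the two separate lines in the log message.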
@@ -102,11 +105,6 @@
NOT-FOR-US: DFLabs
CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used ...)
- system-tools-backends <unfixed> (low; bug #527952)
-CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- - opensc 0.11.8 (high; bug #527640)
- [etch] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
- [lenny] - opensc <not-affected> (vulnerable code introduced in 0.11.7)
- NOTE: checked code, public exponent set correctly in etch/lenny versions (CK_BYTE publicExponent[] = { 3 };)
CVE-2009-1581
RESERVED
CVE-2009-1580
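Review bot: removing the temporary CVE-2009-XXXX block also drops its bracketed summary "opensc: insecure due to wrong public exponent", which was the only line in the file stating the nature of the flaw in full; the replacement CVE-2009-1603 entry shows only a truncated description. The four detail lines removed here match the ones added under CVE-2009-1603, so nothing else is lost. Consider carrying the summary into the NOTE of the new entry so the reason for the "high" urgency stays visible in the list.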