[Secure-testing-commits] r11960 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sat May 23 13:49:51 UTC 2009
Author: derevko-guest
Date: 2009-05-23 13:49:51 +0000 (Sat, 23 May 2009)
New Revision: 11960
Modified:
data/CVE/list
Log:
- NFUs
- CVE-2009-1759: ctorrent is affected
- CVE-2009-1757: fixed in transmission 1.61-1, lenny and etch versions are not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-23 07:06:38 UTC (rev 11959)
+++ data/CVE/list 2009-05-23 13:49:51 UTC (rev 11960)
@@ -7,41 +7,43 @@
CVE-2009-1760
RESERVED
CVE-2009-1759 (Stack-based buffer overflow in the btFiles::BuildFromMI function ...)
- TODO: check
+ - ctorrent <unfixed> (bug #530255)
CVE-2009-1758 (The hypervisor_callback function in Xen, possibly before 3.4.0, as ...)
TODO: check
CVE-2009-1757 (Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 ...)
- TODO: check
+ - transmission 1.61-1 (low)
+ [lenny] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
+ [etch] - transmission <not-affected> (Vulnerable code not present, the web interface was introduced in 1.30)
CVE-2009-1754
RESERVED
CVE-2009-1752 (exJune Office Message System 1 does not properly restrict access to ...)
- TODO: check
+ NOT-FOR-US: exJune Office Message System
CVE-2009-1751 (SQL injection vulnerability in list_list.php in Realty Webware ...)
- TODO: check
+ NOT-FOR-US: Realty Web-Base
CVE-2009-1750 (Unrestricted file upload vulnerability in VidSharePro allows remote ...)
- TODO: check
+ NOT-FOR-US: VidSharePro
CVE-2009-1749 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Catviz
CVE-2009-1748 (Multiple directory traversal vulnerabilities in index.php in Catviz ...)
- TODO: check
+ NOT-FOR-US: Catviz
CVE-2009-1747 (SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 ...)
- TODO: check
+ NOT-FOR-US: bSpeak
CVE-2009-1746 (SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 ...)
- TODO: check
+ NOT-FOR-US: Dian Gemilang DGNews
CVE-2009-1745 (Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x ...)
- TODO: check
+ NOT-FOR-US: Armorlogic Profense Web Application Firewall
CVE-2009-1744 (InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in ...)
- TODO: check
+ NOT-FOR-US: Pinnacle
CVE-2009-1743 (Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in ...)
- TODO: check
+ NOT-FOR-US: Pinnacle
CVE-2009-1742 (code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for ...)
- TODO: check
+ NOT-FOR-US: PC4Arb Pc4 Uploader
CVE-2009-1741 (Multiple SQL injection vulnerabilities in login.php in DM FileManager ...)
- TODO: check
+ NOT-FOR-US: DM FileManager
CVE-2009-1740 (Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ...)
- TODO: check
+ NOT-FOR-US: D-Link MPEG4 Viewer
CVE-2009-1739 (PAD Site Scripts 3.6 allows remote attackers to bypass authentication ...)
- TODO: check
+ NOT-FOR-US: PAD Site Scripts
CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...)
TODO: check
CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows ...)
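Review bot: the NOT-FOR-US tags added for CVE-2009-1744 and CVE-2009-1743 name only the vendor ("Pinnacle"), while the other NOT-FOR-US lines in this hunk name the product. The visible description of CVE-2009-1744 gives "Pinnacle Hollywood Effects 6", so "NOT-FOR-US: Pinnacle Hollywood Effects" would make later searches of the list less ambiguous if another Pinnacle product shows up. In the same hunk, CVE-2009-1751 is tagged "Realty Web-Base" although its truncated description reads "Realty Webware ..."; please check that tag against the full description so the product name is consistent.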