[Secure-testing-commits] r13134 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Thu Oct 29 00:30:26 UTC 2009
Author: geissert
Date: 2009-10-29 00:30:26 +0000 (Thu, 29 Oct 2009)
New Revision: 13134
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-28 23:06:07 UTC (rev 13133)
+++ data/CVE/list 2009-10-29 00:30:26 UTC (rev 13134)
@@ -1,53 +1,55 @@
CVE-2009-3825 (Multiple directory traversal vulnerabilities in GenCMS 2006 allow ...)
- TODO: check
+ NOT-FOR-US: GenCMS
CVE-2009-3824 (Directory traversal vulnerability in include/processor.php in ...)
- TODO: check
+ NOT-FOR-US: Greenwood PHP Content Manager
CVE-2009-3823 (Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, ...)
- TODO: check
+ NOT-FOR-US: Mobilelib GOLD
CVE-2009-3822 (PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ...)
- TODO: check
+ NOT-FOR-US: com_ajaxchat component for Joomla
CVE-2009-3821 (Cross-site scripting (XSS) vulnerability in the Apache Solr Search ...)
- TODO: check
+ NOT-FOR-US: Apache Solr Search extension for TYPO3
CVE-2009-3820 (SQL injection vulnerability in the Flagbit Filebase (fb_filebase) ...)
- TODO: check
+ NOT-FOR-US: Flagbit Filebase extension for TYPO3
CVE-2009-3819 (Unspecified vulnerability in the Random Images (maag_randomimage) ...)
- TODO: check
+ NOT-FOR-US: Random Images extension for TYPO3
CVE-2009-3818 (Unspecified vulnerability in the session handling feature in freeCap ...)
- TODO: check
+ NOT-FOR-US: freeCap CAPTCHA for TYPO3
CVE-2009-3817 (PHP remote file inclusion vulnerability in doc/releasenote.php in the ...)
- TODO: check
+ NOT-FOR-US: com_booklibrary component for Joomla!
CVE-2009-3816 (Multiple cross-site scripting (XSS) vulnerabilities in Activities ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Connections
CVE-2009-3815 (RunCMS 2M1, when running with certain error_reporting levels, allows ...)
- TODO: check
+ NOT-FOR-US: RunCMS 2M1
CVE-2009-3814 (Static code injection vulnerability in RunCMS 2M1 allows remote ...)
- TODO: check
+ NOT-FOR-US: RunCMS 2M1
CVE-2009-3813 (Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote ...)
- TODO: check
+ NOT-FOR-US: RunCMS 2M1
CVE-2009-3812 (Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio ...)
- TODO: check
+ NOT-FOR-US: OtsAV products
CVE-2009-3811 (Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows ...)
- TODO: check
+ NOT-FOR-US: Music Tag Editor
CVE-2009-3810 (Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows ...)
- TODO: check
+ NOT-FOR-US: Acoustica MP3 Audio Mixer
CVE-2009-3809 (Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote ...)
- TODO: check
+ NOT-FOR-US: Acoustica MP3 Audio Mixer
CVE-2009-3808 (MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: MixSense DJ Studio
CVE-2009-3807 (Stack-based buffer overflow in MixVibes 7.043 Pro allows remote ...)
- TODO: check
+ NOT-FOR-US: MixVibes
CVE-2009-3806 (SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2009-3805 (gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows ...)
TODO: check
+ NOTE: looks like an issue in gpg2 for windows (gpg4win.org), not specific
+ NOTE: to kleopatra
CVE-2009-3804 (Multiple SQL injection vulnerabilities in modules/forum/post.php in ...)
- TODO: check
+ NOT-FOR-US: RunCMS 2M1
CVE-2009-3803 (Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS ...)
- TODO: check
+ NOT-FOR-US: Amiro.CMS
CVE-2009-3802 (Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Amiro.CMS
CVE-2009-3801 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...)
- TODO: check
+ NOT-FOR-US: OpenDocMan
CVE-2009-XXXX [eglibc: ldd arbitrary code execution]
- eglibc <unfixed> (low; bug #552518)
- glibc <removed> (low; bug #552518)
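Review bot: In the CVE-2009-3805 entry, the two added NOTE lines sit under a "TODO: check" that stays in place, so the entry does not record what is still left to verify. If the open question is whether any Debian package ships the affected gpg2 code, state that in the NOTE; if the issue is confined to the Windows build from gpg4win.org, resolve the entry instead of leaving the TODO. Two smaller style points in the same hunk: the tag reads "component for Joomla" on CVE-2009-3822 but "component for Joomla!" on CVE-2009-3817, and "RunCMS 2M1" carries a version string while the other tags name only the product. The log message "NFUs" also does not cover the NOTE addition.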
@@ -82,13 +84,13 @@
CVE-2009-3791
RESERVED
CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation ...)
- TODO: check
+ NOT-FOR-US: FormMax
CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan ...)
- TODO: check
+ NOT-FOR-US: OpenDocMan
CVE-2009-3788 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...)
- TODO: check
+ NOT-FOR-US: OpenDocMan
CVE-2009-3787 (files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct ...)
- TODO: check
+ NOT-FOR-US: Vivvo CMS
CVE-2009-3786 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) ...)
TODO: check
CVE-2009-3785 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
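Review bot: On CVE-2009-3790 the description gives the product as "FormMax (formerly AcroForm)" but the tag is only "NOT-FOR-US: FormMax", so a later search of the list for the old name will not match this tag; consider "NOT-FOR-US: FormMax (formerly AcroForm)". Also note that the visible part of the CVE-2009-3788 description is identical to that of CVE-2009-3801 in the previous hunk (SQL injection in index.php in OpenDocMan 1.2.5); both are tagged the same way, which is consistent, but a short NOTE on how the two differ would help whoever next reads these entries.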