[Secure-testing-commits] r13731 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Wed Jan 6 10:24:52 UTC 2010
Author: derevko-guest
Date: 2010-01-06 10:24:52 +0000 (Wed, 06 Jan 2010)
New Revision: 13731
Modified:
data/CVE/list
Log:
- NFUs
- new uzbl issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-06 01:28:25 UTC (rev 13730)
+++ data/CVE/list 2010-01-06 10:24:52 UTC (rev 13731)
@@ -1,3 +1,8 @@
+CVE-2010-XXXX [remote code execution through the "run" function]
+ - uzbl <unfixed> (medium)
+ NOTE: http://www.uzbl.org/news.php?id=22
+ NOTE: maintainer is aware of it
+ TODO: request CVE id
CVE-2010-0115
RESERVED
CVE-2010-0114
@@ -47,11 +52,11 @@
CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
NOT-FOR-US: Mongoose
CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the source ...)
NOT-FOR-US: httpdx
CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
@@ -59,15 +64,15 @@
CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote ...)
NOT-FOR-US: InterVations NaviCOPA Web Server
CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4526 (The Send by e-mail sub-module in the Print (aka Printer, e-mail and ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4525 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 ...)
NOT-FOR-US: Zainu
CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in ...)
@@ -75,21 +80,21 @@
CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse ...)
TODO: check
CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have ...)
NOT-FOR-US: Ortro
CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4516 (Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4515 (The Storm module 6.x before 6.x-1.25 for Drupal does not enforce ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4514 (Cross-site scripting (XSS) vulnerability in the OpenSocial ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4513 (Multiple cross-site scripting (XSS) vulnerabilities in the Workflow ...)
- TODO: check
+ NOT-FOR-US: module for Drupal
CVE-2009-4512 (Directory traversal vulnerability in index.php in Oscailt 3.3, when ...)
NOT-FOR-US: Oscailt
CVE-2009-4511
More information about the Secure-testing-commits
mailing list