[Secure-testing-commits] r14998 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri Jul 16 17:39:29 UTC 2010
Author: jmm-guest
Date: 2010-07-16 17:39:29 +0000 (Fri, 16 Jul 2010)
New Revision: 14998
Modified:
data/CVE/list
Log:
new mysql issue
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-07-15 21:18:13 UTC (rev 14997)
+++ data/CVE/list 2010-07-16 17:39:29 UTC (rev 14998)
@@ -91,27 +91,27 @@
CVE-2010-2725
RESERVED
CVE-2010-2724 (Cross-site scripting (XSS) vulnerability in the Hierarchical Select ...)
- TODO: check
+ NOT-FOR-US: Drupal addon module
CVE-2010-2723 (Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows ...)
- TODO: check
+ NOT-FOR-US: LISTSERV
CVE-2010-2722 (Cross-site scripting (XSS) vulnerability in index.php in RightInPoint ...)
- TODO: check
+ NOT-FOR-US: RightInPoint Lyrics Script
CVE-2010-2721 (SQL injection vulnerability in index.php in RightInPoint Lyrics Script ...)
- TODO: check
+ NOT-FOR-US: RightInPoint Lyrics Script
CVE-2010-2720 (SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and ...)
- TODO: check
+ NOT-FOR-US: phpaaCms
CVE-2010-2719 (SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and ...)
- TODO: check
+ NOT-FOR-US: phpaaCms
CVE-2010-2718 (Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware ...)
- TODO: check
+ NOT-FOR-US: CruxSoftware
CVE-2010-2717 (Cross-site scripting (XSS) vulnerability in manager/login.php in ...)
- TODO: check
+ NOT-FOR-US: CruxSoftware
CVE-2010-2716 (Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote ...)
- TODO: check
+ NOT-FOR-US: PsNews
CVE-2010-2715 (Cross-site scripting (XSS) vulnerability in photos/index.php in TCW ...)
- TODO: check
+ NOT-FOR-US: TCW PHP Album
CVE-2010-2714 (SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 ...)
- TODO: check
+ NOT-FOR-US: TCW PHP Album
CVE-2010-2713
RESERVED
CVE-2010-2712
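Review bot: The NOT-FOR-US labels for CVE-2010-2724 ("Drupal addon module") and for CVE-2010-2718 and CVE-2010-2717 ("CruxSoftware") name a platform or a vendor rather than the affected product, unlike the other entries in this hunk (LISTSERV, phpaaCms, PsNews, TCW PHP Album). The description of CVE-2010-2724 already names the Hierarchical Select module, so the label could carry it, which lets a later search of the list for that module land on this entry.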
@@ -135,76 +135,76 @@
CVE-2010-2703
RESERVED
CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...)
- TODO: check
+ NOT-FOR-US: Unreal engine
CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...)
- TODO: check
+ NOT-FOR-US: FathFTP ActiveX control
CVE-2010-2700 (Cross-site scripting (XSS) vulnerability in index.php in Edge PHP ...)
- TODO: check
+ NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
CVE-2010-2699 (SQL injection vulnerability in index.php in Edge PHP Clickbank ...)
- TODO: check
+ NOT-FOR-US: Edge PHP Clickbank Affiliate Marketplace Script
CVE-2010-2698 (Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community ...)
- TODO: check
+ NOT-FOR-US: Sijio Community Software
CVE-2010-2697 (Cross-site scripting (XSS) vulnerability in Sijio Community Software ...)
- TODO: check
+ NOT-FOR-US: Sijio Community Software
CVE-2010-2696 (SQL injection vulnerability in gallery/index.php in Sijio Community ...)
- TODO: check
+ NOT-FOR-US: Sijio Community Software
CVE-2010-2695 (Directory traversal vulnerability in the SFTP/SSH2 virtual server in ...)
- TODO: check
+ NOT-FOR-US: Xlight FTP Server
CVE-2010-2694 (SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2693 (FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag ...)
- kfreebsd-7 7.3-5
- kfreebsd-8 8.0-10
CVE-2010-2692 (Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt ...)
- TODO: check
+ NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
CVE-2010-2691 (Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt ...)
- TODO: check
+ NOT-FOR-US: 2daybiz Custom T-Shirt Design Script
CVE-2010-2690 (SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2689 (SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS ...)
- TODO: check
+ NOT-FOR-US: Internet DM WebDM CMS
CVE-2010-2688 (SQL injection vulnerability in detail.asp in Site2Nite Boat ...)
- TODO: check
+ NOT-FOR-US: Site2Nite Boat Classifieds
CVE-2010-2687 (SQL injection vulnerability in printdetail.asp in Site2Nite Boat ...)
- TODO: check
+ NOT-FOR-US: Site2Nite Boat Classifieds
CVE-2010-2686 (Multiple SQL injection vulnerabilities in clientes.asp in TopManage ...)
- TODO: check
+ NOT-FOR-US: SAP module
CVE-2010-2685 (siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not ...)
- TODO: check
+ NOT-FOR-US: Customer Paradigm PageDirector CMS
CVE-2010-2684 (SQL injection vulnerability in index.php in Customer Paradigm ...)
- TODO: check
+ NOT-FOR-US: Customer Paradigm PageDirector CMS
CVE-2010-2683 (SQL injection vulnerability in result.php in Customer Paradigm ...)
- TODO: check
+ NOT-FOR-US: Customer Paradigm PageDirector CMS
CVE-2010-2682 (Directory traversal vulnerability in the Realtyna Translator ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2681 (PHP remote file inclusion vulnerability in the SEF404x (com_sef) ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2680 (Directory traversal vulnerability in the JExtensions JE ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2679 (SQL injection vulnerability in the Weblinks (com_weblinks) component ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2678 (SQL injection vulnerability in xmap (com_xmap) component for Joomla! ...)
- TODO: check
+ NOT-FOR-US: Joomla addon
CVE-2010-2677 (PHP remote file inclusion vulnerability in mw_plugin.php in Open Web ...)
- TODO: check
+ NOT-FOR-US: Open Web Analytics
CVE-2010-2676 (Multiple directory traversal vulnerabilities in index.php in Open Web ...)
- TODO: check
+ NOT-FOR-US: Open Web Analytics
CVE-2010-2675 (Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS ...)
- TODO: check
+ NOT-FOR-US: TSOKA:CMS
CVE-2010-2674 (SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and ...)
- TODO: check
+ NOT-FOR-US: TSOKA:CMS
CVE-2010-2673 (SQL injection vulnerability in profile_view.php in Devana 1.6.6 and ...)
- TODO: check
+ NOT-FOR-US: Devana
CVE-2010-2672 (Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through ...)
- TODO: check
+ - ezpublish <removed>
CVE-2010-2671 (Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ ...)
- TODO: check
+ - ezpublish <removed>
CVE-2010-2670 (SQL injection vulnerability in recipedetail.php in BrotherScripts ...)
- TODO: check
+ NOT-FOR-US: BrotherScripts Recipe Website
CVE-2010-2669 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Orbis CMS
CVE-2010-2668 (Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet ...)
- TODO: check
+ NOT-FOR-US: Adaptive Micro Systems ALPHA Ethernet Adapter
CVE-2010-2667
RESERVED
CVE-2010-2666 (Opera before 10.54 on Windows and Mac OS X does not properly enforce ...)
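Review bot: CVE-2010-2672 and CVE-2010-2671 go from "TODO: check" straight to "- ezpublish <removed>" with no NOTE and no release-tagged line, so the entries do not record whether a release that still ships ezpublish is affected. If one does, add a release-specific line for it; if none does, a one-line NOTE saying so would show that this was checked. The description of CVE-2010-2672 gives the affected range as starting at eZ Publish 3.7.0, which is the version to compare against.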
@@ -228,11 +228,11 @@
CVE-2010-2657 (Opera before 10.60 on Windows and Mac OS X does not properly prevent ...)
NOT-FOR-US: Opera
CVE-2010-2656 (The IBM BladeCenter with Advanced Management Module (AMM) firmware ...)
- TODO: check
+ NOT-FOR-US: BladeCenter software
CVE-2010-2655 (Directory traversal vulnerability in private/file_management.php on ...)
- TODO: check
+ NOT-FOR-US: BladeCenter software
CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...)
- TODO: check
+ NOT-FOR-US: BladeCenter software
CVE-2010-2653
RESERVED
CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...)
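Review bot: The label "BladeCenter software" on CVE-2010-2656, CVE-2010-2655 and CVE-2010-2654 is looser than the description of CVE-2010-2656, which places the issue in the IBM BladeCenter Advanced Management Module (AMM) firmware. Suggest "NOT-FOR-US: IBM BladeCenter AMM firmware" for that entry, and the same for the other two if their full descriptions confirm the component.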
@@ -890,7 +890,7 @@
CVE-2010-2386 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
NOT-FOR-US: Solaris
CVE-2010-2385 (Unspecified vulnerability in Oracle Sun Java System Web Proxy Server ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Java System Web Proxy Server
CVE-2010-2384 (Unspecified vulnerability in Oracle Solaris 9 and 10 allows local ...)
NOT-FOR-US: Solaris
CVE-2010-2383 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and ...)
@@ -1856,7 +1856,8 @@
CVE-2010-2009 (Stack-based buffer overflow in the media library in BS.Global ...)
NOT-FOR-US: BS.Global BS.Player
CVE-2010-2008 (MySQL before 5.1.48 allows remote authenticated users with alter ...)
- TODO: check
+ - mysql-5.1 5.1.48-1
+ - mysql-dfsg-5.0 <removed>
CVE-2010-2007 (Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS ...)
- mydms <unfixed> (bug #582587; medium)
NOTE: seems to have changed name to letoDMS
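Review bot: The new CVE-2010-2008 lines carry no bug reference or severity, while the neighbouring mydms entry does ("(bug #582587; medium)"). The fixed version 5.1.48-1 agrees with the "MySQL before 5.1.48" description, but "- mysql-dfsg-5.0 <removed>" leaves open whether the 5.0 branch is affected at all and whether a release that still ships it needs its own line; a NOTE or a release-tagged entry would settle that.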