[Secure-testing-commits] r17727 - data/CVE
Florian Weimer
fw at alioth.debian.org
Thu Dec 1 19:18:17 UTC 2011
Author: fw
Date: 2011-12-01 19:18:17 +0000 (Thu, 01 Dec 2011)
New Revision: 17727
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-01 15:36:56 UTC (rev 17726)
+++ data/CVE/list 2011-12-01 19:18:17 UTC (rev 17727)
@@ -137,17 +137,17 @@
CVE-2011-4573
RESERVED
CVE-2011-4572 (Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF ...)
- TODO: check
+ NOT-FOR-US: CF Image Hosting Script
CVE-2011-4571 (SQL injection vulnerability in the Estate Agent (com_estateagent) ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2011-4570 (SQL injection vulnerability in the Time Returns (com_timereturns) ...)
- TODO: check
+ NOT-FOR-US: Joomla extension
CVE-2011-4569 (SQL injection vulnerability in userbarsettings.php in the Userbar ...)
- TODO: check
+ NOT-FOR-US: MyBB extension
CVE-2011-4568 (Cross-site scripting (XSS) vulnerability in view/frontend-head.php in ...)
- TODO: check
+ NOT-FOR-US: Wordpress extension
CVE-2011-4567 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2011-4566 (Integer overflow in the exif_process_IFD_TAG function in exif.c in the ...)
- php5 <unfixed>
CVE-2011-4565 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, ...)
@@ -208,9 +208,9 @@
CVE-2011-4543
RESERVED
CVE-2011-4542 (Hastymail2 2.1.1 before RC2 allows remote attackers to execute ...)
- TODO: check
+ - hastymail <removed>
CVE-2011-4541 (Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 ...)
- TODO: check
+ - hastymail <removed>
CVE-2011-4540
RESERVED
CVE-2011-4539
@@ -11881,7 +11881,7 @@
CVE-2010-4696 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
- joomla <itp> (bug #571794)
CVE-2009-5051 (Hastymail2 before RC 8 does not set the secure flag for the session ...)
- NOT-FOR-US: Hastymail
+ - hastymail <removed>
CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ...)
{DSA-2148-1}
- tor 0.2.1.29-1
@@ -12579,7 +12579,7 @@
- eclipse 3.5.2-9 (low; bug #611849)
[squeeze] - eclipse 3.5.2-6squeeze2
CVE-2010-4646 (Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 ...)
- NOT-FOR-US: Hastymail
+ - hastymail <removed>
CVE-2010-4644 (Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...)
- subversion 1.6.12dfsg-3 (low; bug #608989)
[lenny] - subversion <no-dsa> (Minor issue)
@@ -61084,7 +61084,7 @@
CVE-2004-2705 (Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) ...)
- pvpgn 1.6.4+20040826-1
CVE-2004-2704 (Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) ...)
- NOT-FOR-US: Hastymail
+ - hastymail <removed>
CVE-2004-2703 (Clearswift MIMEsweeper 5.0.5, when it has been upgraded from ...)
NOT-FOR-US: MIMEsweeper
CVE-2004-2702 (Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 ...)
@@ -77930,7 +77930,7 @@
CVE-2006-5314 (PHP remote file inclusion vulnerability in ftag.php in TribunaLibre ...)
NOT-FOR-US: TribunaLibre
CVE-2006-5313 (Hastymail 1.5 and earlier before 20061008 allows remote authenticated ...)
- NOT-FOR-US: Hastymail
+ - hastymail <removed>
CVE-2006-5312 (PHP remote file inclusion vulnerability in shoutbox.php in the Ajax ...)
NOT-FOR-US: Ajax Shoutbox
CVE-2006-5311 (PHP remote file inclusion vulnerability in ...)
@@ -78032,7 +78032,7 @@
CVE-2006-5263 (Directory traversal vulnerability in templates/header.php3 in ...)
NOT-FOR-US: phpMyAgenda
CVE-2006-5262 (CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and ...)
- NOT-FOR-US: Hastymail
+ - hastymail <removed>
CVE-2006-5261 (Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 ...)
NOT-FOR-US: PHPMyNews
CVE-2006-5260 (PHP remote file inclusion vulnerability in compteur.php in Compteur 2 ...)
More information about the Secure-testing-commits
mailing list