[Secure-testing-commits] r17767 - data/CVE
Helmut Grohne
helmut-guest at alioth.debian.org
Fri Dec 9 20:41:00 UTC 2011
Author: helmut-guest
Date: 2011-12-09 20:41:00 +0000 (Fri, 09 Dec 2011)
New Revision: 17767
Modified:
data/CVE/list
Log:
NFUs, <undetermined>, <removed>
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-09 09:14:21 UTC (rev 17766)
+++ data/CVE/list 2011-12-09 20:41:00 UTC (rev 17767)
@@ -2157,7 +2157,7 @@
CVE-2010-4873 (Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 ...)
NOT-FOR-US: WeBid
CVE-2010-4872 (SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 ...)
- NOT-FOR-US: SmartFTP
+ NOT-FOR-US: ASPilot Pilot Cart
CVE-2010-4871 (Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows ...)
NOT-FOR-US: SmartFTP
CVE-2010-4870 (SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows ...)
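Review bot: the old "NOT-FOR-US: SmartFTP" under CVE-2010-4872 matched the line under the neighbouring CVE-2010-4871 rather than its own description (ASPilot Pilot Cart), which looks like a copy-paste slip, and the log message "NFUs, <undetermined>, <removed>" does not say that an existing classification was corrected. Mention the correction in the log so that anyone who relied on the old line can spot it, and consider checking other adjacent entries that share an identical NOT-FOR-US value against their descriptions.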
@@ -3318,6 +3318,7 @@
CVE-2011-3579 (server/webmail.php in IceWarp WebMail in IceWarp Mail Server before ...)
NOT-FOR-US: IceWarp Mail Server
CVE-2011-3578 (Cross-site scripting (XSS) vulnerability in ...)
+ - mantis <undetermined>
TODO: check, whether this was fixed in the DSA for CVE-2011-3357
CVE-2004-2770
REJECTED
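Review bot: under CVE-2011-3578 the new "- mantis <undetermined>" line sits above a TODO that is left in place, and the truncated description visible here does not name the product, so nothing in the entry records why mantis is the affected package. Add a NOTE with the reference that ties this CVE to mantis, and once the DSA question for CVE-2011-3357 is answered, resolve the TODO and the <undetermined> marker together.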
@@ -3860,7 +3861,7 @@
TODO: file bug for kolab-cyrus-imapd
NOTE: medium because it allows to exploit CVE-2011-3208 unauthenticated
CVE-2011-3371 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- NOTE: PunBB
+ NOT-FOR-US: PunBB
CVE-2011-3370
RESERVED
CVE-2011-3369 (The add_conversation function in conversations.c in EtherApe before ...)
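Review bot: "NOTE: PunBB" under CVE-2011-3371 was a status written with the wrong keyword, a slip that is easy to repeat elsewhere in the file because the entry still looks annotated. The corrected line is right; a scan of data/CVE/list for NOTE lines whose text is only a product name would catch any other entries left without a classification in the same way.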
@@ -4778,7 +4779,7 @@
CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
NOT-FOR-US: Twiki
CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
- TODO: check
+ - ruby1.8 <undetermined>
CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
NOT-FOR-US: Avaya Secure Access Link Gateway
CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...)
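Review bot: for CVE-2011-3009 the description already gives an upstream bound ("Ruby before 1.8.6-p114"), so "- ruby1.8 <undetermined>" records less than the entry itself states. Either compare that bound with the ruby1.8 version in the archive and enter a fixed version, or add a NOTE saying what still has to be verified, since dropping "TODO: check" removes the only reminder on this entry.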
@@ -7143,7 +7144,7 @@
{DSA-2271-1}
- curl 7.21.6-2 (high; bug #631615)
CVE-2011-2191 (Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in ...)
- TODO: check
+ - cherokee <undetermined>
CVE-2011-2189 (net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does ...)
- linux-2.6 2.6.35-1 (low)
[lenny] - linux-2.6 <no-dsa> (attacker needs elevated CAP_SYS_ADMIN privileges to abuse this)
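Review bot: the description for CVE-2011-2191 places the CSRF in Cherokee-admin, but the new "- cherokee <undetermined>" line does not say whether that component is part of what the cherokee package ships. A NOTE stating this, or what remains to be determined, would let the next person resolve the marker without redoing the triage.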
@@ -9641,7 +9642,7 @@
CVE-2011-1341 (Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before ...)
NOT-FOR-US: Aimluck Aipo
CVE-2011-1340 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ - plone3 <removed>
CVE-2011-1339 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...)
NOT-FOR-US: Google Search Appliance
CVE-2011-1338 (Untrusted search path vulnerability in XnView before 1.98.1 allows ...)
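Review bot: "- plone3 <removed>" under CVE-2011-1340 cannot be checked against the entry, because the description is cut off before the product name and no NOTE or reference accompanies the new line. Add a NOTE naming the affected component or advisory so that the mapping to plone3 can be audited later.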