[Secure-testing-commits] r17949 - data/CVE
Florian Weimer
fw at alioth.debian.org
Sat Dec 31 16:59:28 UTC 2011
Author: fw
Date: 2011-12-31 16:59:28 +0000 (Sat, 31 Dec 2011)
New Revision: 17949
Modified:
data/CVE/list
Log:
CVE-2011-5036: ruby-rack
CVE-2011-5027: zabbix
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-31 16:52:21 UTC (rev 17948)
+++ data/CVE/list 2011-12-31 16:59:28 UTC (rev 17949)
@@ -7,7 +7,7 @@
CVE-2011-5037 (Google V8 computes hash values for form parameters without restricting ...)
- libv8 <unfixed>
CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...)
- TODO: check
+ - ruby-rack <unfixed>
CVE-2011-5035 (Oracle Glassfish 3.1.1 and earlier computes hash values for form ...)
- glassfish <unfixed>
CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form ...)
@@ -15,21 +15,21 @@
NOTE: It's not clear if this issue is in Geronimo itself,
NOTE: or in the servlet container it uses.
CVE-2011-5033 (Stack-based buffer overflow in CFS.c in ConfigServer Security & ...)
- TODO: check
+ NOT-FOR-US: ConfigServer Security & Firewall
CVE-2011-5032 (WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to ...)
- TODO: check
+ NOT-FOR-US: WinMount
CVE-2011-5031 (Multiple SQL injection vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: cApexWEB
CVE-2011-5030 (Cross-site scripting (XSS) vulnerability in the Meta tags quick module ...)
- TODO: check
+ NOT-FOR-US: Meta tags quick module for Drupal
CVE-2011-5029 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
- TODO: check
+ NOT-FOR-US: Sumple PHP Blog
CVE-2011-5028 (Directory traversal vulnerability in novelllogmanager/FileDownload in ...)
- TODO: check
+ NOT-FOR-US: Novell Sentinel Log Manager
CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 ...)
- TODO: check
+ - zabbix <unfixed>
CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in Winn GuestBook before ...)
- TODO: check
+ NOT-FOR-US: Winn Guestbook
CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki ...)
TODO: check
CVE-2011-5024 (Cross-site scripting (XSS) vulnerability in mmsearch/design in the ...)
More information about the Secure-testing-commits
mailing list