[Secure-testing-commits] r17382 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Oct 6 15:58:01 UTC 2011


Author: jmm
Date: 2011-10-06 15:58:01 +0000 (Thu, 06 Oct 2011)
New Revision: 17382

Modified:
   data/CVE/list
Log:
- mark loads of silly web app path disclosure as NOT-FOR-US, not worth sorting out in detail
- record clamav stable fix
- new rpm issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-10-06 13:34:14 UTC (rev 17381)
+++ data/CVE/list	2011-10-06 15:58:01 UTC (rev 17382)
@@ -397,269 +397,269 @@
 CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...)
 	TODO: check
 CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3824 (Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3823 (Yamamah 1.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3822 (XOOPS 2.5.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3821 (xajax 0.6 beta1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3820 (WSN Software 6.0.6 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3819 (WoW Server Status 4.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3818 (WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3817 (Website Baker 2.8.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3816 (WEBinsta mailing list manager 1.3e allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3815 (WeBid 1.0.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3814 (WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...)
-	- webcalendar <removed> (unimportant)
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3813 (Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3812 (Vanilla 2.0.16 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3811 (TomatoCart 1.1.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3810 (TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3809 (TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3808 (The Bug Genie 2.1.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3807 (Textpattern 4.2.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3806 (TCExam 11.1.015 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3805 (TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3804 (SweetRice 0.7.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3803 (SugarCRM 6.1.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3802 (StatusNet 0.9.6 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3801 (SimpleTest 1.0.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3800 (Serendipity 1.5.5 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3799 (ReOS 2.0.5 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3798 (Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3797 (ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3796 (PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3795 (Podcast Generator 1.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3794 (Pligg CMS 1.1.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3793 (Pixie 1.04 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3792 (Pixelpost 1.7.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3791 (Piwik 1.1 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3790 (Piwigo 2.1.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3789 (phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3788 (PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3787 (phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3786 (PHProjekt 6.0.5 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3785 (PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3784 (Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3783 (phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3782 (phpLD 2-151.2.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3781 (PHPIDS 0.6.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3780 (PHP iCalendar 2.4 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3779 (PhpHostBot 2.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3778 (PhpGedView 4.2.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3777 (phpFreeChat 1.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3776 (phpFormGenerator 2.09 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3775 (PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3774 (php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3773 (PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3772 (phpCollab 2.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3771 (phpBook 2.1.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3770 (phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3769 (PHPads 2.0 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3768 (Phorum 5.2.15a allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3767 (osCommerce 3.0a5 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3766 (OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3765 (Open-Realty 2.5.8 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3764 (OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3763 (OpenCart 1.4.9.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3762 (OpenBlog 1.2.1 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3761 (NuSOAP 0.9.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3760 (Nucleus 3.61 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3759 (MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3758 (::mound:: 2.1.6 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3757 (Moodle 2.0.1 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3756 (MicroBlog 0.9.5 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3755 (MantisBT 1.2.4 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3754 (Mambo 4.6.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3753 (LinPHA 1.3.4 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3752 (LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3751 (LifeType 1.2.10 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3750 (kPlaylist 1.8.502 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3749 (ka-Map 1.0-20070205 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3748 (Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3747 (Joomla! 1.6.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3746 (Jcow 4.2.1 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3745 (HycusCMS 1.0.3 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3744 (HTML Purifier 4.2.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3743 (Hesk 2.2 allows remote attackers to obtain sensitive information via a ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3742 (HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3741 (Ganglia 3.1.7 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3740 (FrontAccounting 2.3.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3739 (Freeway 1.5 Alpha allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3738 (Feng Office 1.7.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3737 (eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3736 (ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3735 (Escort Agency CMS (aka escort-agency-cms) allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3734 (Energine 2.3.8 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3733 (Elgg 1.7.6 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3732 (eggBlog 4.1.2 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3731 (e107 0.7.24 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3730 (Drupal 7.0 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3729 (dotproject 2.1.4 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3728 (Dolphin 7.0.4 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3727 (DokuWiki 2009-12-25c allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3726 (DoceboLMS 4.0.4 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3725 (DeluxeBB 1.3 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3724 (CubeCart 4.4.3 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3723 (Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3722 (Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3721 (concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3720 (conceptcms 5.3.1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3719 (CodeIgniter 1.7.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3718 (CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3717 (ClipBucket 2.0.9 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3716 (Claroline 1.9.7 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3715 (ClanTiger 1.1.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3714 (ClanSphere 2010.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3713 (cFTP r80 allows remote attackers to obtain sensitive information via a ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3712 (CakePHP 1.3.7 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3711 (BIGACE 2.7.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3710 (bbPress 1.0.2 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3709 (b2evolution 3.3.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3708 (Automne 4.0.2 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3707 (JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3706 (ATutor 2.0 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3705 (Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3704 (appRain 0.1.0 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3703 (AneCMS 1.0 allows remote attackers to obtain sensitive information via ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3702 (Ananta Gazelle 1.0 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3701 (AlegroCart 1.2.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3700 (Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3699 (John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3698 (AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3697 (Achievo 1.4.5 allows remote attackers to obtain sensitive information ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3696 (60cycleCMS 2.5.2 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
 CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger ...)
 	TODO: check
 CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...)
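Review bot: NOT-FOR-US is the tracker's tag for software that is not packaged in Debian, but throughout this hunk it is paired with a severity rationale ("not an issue (path is known anyway)"), and at CVE-2011-3814 it replaces `- webcalendar <removed> (unimportant)`, dropping the package association the previous entry recorded. Keep the original line for CVE-2011-3814, and for any other entry whose software has a Debian source package use a package line with the `(unimportant)` urgency plus a NOTE carrying the path-disclosure rationale. Reserve NOT-FOR-US for the entries that really are not in the archive. The log message says these were not sorted out in detail, so a quick pass against the package list before tagging would avoid hiding packaged software from per-package views.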
@@ -1410,6 +1410,9 @@
 	[lenny] - php5 <not-affected> (Introduced in 5.3.7)
 CVE-2011-3378
 	RESERVED
+	- rpm <unfixed> (low)
+	NOTE: Marking as unimportant since rpm isn't used as a package manager
+	TODO: File bug
 CVE-2011-3377
 	RESERVED
 CVE-2011-3376
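Review bot: In the CVE-2011-3378 entry the urgency and the NOTE disagree: the package line says `(low)` while the NOTE says "Marking as unimportant". Pick one, either `- rpm <unfixed> (unimportant)` to match the NOTE or a reworded NOTE that explains why the issue is rated low. The entry is still RESERVED with no description, so a short NOTE stating what the issue is or where it was reported would also help whoever picks up the `TODO: File bug`.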
@@ -3259,6 +3262,7 @@
 	- hplip <unfixed> (bug #635549; low)
 CVE-2011-2721 (Off-by-one error in the cli_hm_scan function in matcher-hash.c in ...)
 	- clamav 0.97.2+dfsg-1 (bug #635599)
+	[squeeze] - clamav 0.97.2+dfsg-1~squeeze1
 CVE-2011-2720 (The autocompletion functionality in GLPI before 0.80.2 does not ...)
 	- glpi 0.80.2-1 (bug #635544; unimportant)
 	NOTE: Only supported behind an authenticated HTTP zone
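Review bot: The added `[squeeze]` line for CVE-2011-2721 records the stable fix but says nothing about oldstable, while other entries in this file carry `[lenny]` annotations (the php5 entry in the previous hunk, for example). If lenny's clamav is not affected or is handled elsewhere, add a `[lenny]` line or a NOTE saying so, so the entry does not leave that release's status implicit.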



