[Secure-testing-commits] r17449 - data/CVE
Helmut Grohne
helmut-guest at alioth.debian.org
Tue Oct 18 14:15:22 UTC 2011
Author: helmut-guest
Date: 2011-10-18 14:15:22 +0000 (Tue, 18 Oct 2011)
New Revision: 17449
Modified:
data/CVE/list
Log:
16 NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-18 14:01:16 UTC (rev 17448)
+++ data/CVE/list 2011-10-18 14:15:22 UTC (rev 17449)
@@ -783,27 +783,27 @@
CVE-2011-3827
RESERVED
CVE-2010-4852 (Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b ...)
- TODO: check
+ NOT-FOR-US: Eclime
CVE-2010-4851 (Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote ...)
- TODO: check
+ NOT-FOR-US: Eclime
CVE-2010-4850 (Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 ...)
- TODO: check
+ NOT-FOR-US: Diferior
CVE-2010-4849 (SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B ...)
- TODO: check
+ NOT-FOR-US: Alibaba Clone B2B
CVE-2010-4848 (Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in ...)
- TODO: check
+ NOT-FOR-US: AXScripts AxsLinks
CVE-2010-4847 (SQL injection vulnerability in view_item.php in MH Products MHP ...)
- TODO: check
+ NOT-FOR-US: MH Products MHP Downloadshop
CVE-2010-4846 (SQL injection vulnerability in view_item.php in MH Products Pay Pal ...)
- TODO: check
+ NOT-FOR-US: MH Products Pay Pal Shop Digital
CVE-2010-4845 (Multiple SQL injection vulnerabilities in MH Products Projekt Shop ...)
- TODO: check
+ NOT-FOR-US: MH Products Projekt Shop
CVE-2010-4844 (SQL injection vulnerability in content.php in MH Products Easy Online ...)
- TODO: check
+ NOT-FOR-US: MH Products Easy Online Shop
CVE-2010-4843 (SQL injection vulnerability in website-page.php in PHP Web Scripts Ad ...)
- TODO: check
+ NOT-FOR-US: PHP Web Scripts Ad Manager Pro
CVE-2010-4842 (SQL injection vulnerability in admin/login.php in MHP DownloadScript ...)
- TODO: check
+ NOT-FOR-US: MH Products Download Center
CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...)
NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway)
CVE-2011-3825 (Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers ...)
@@ -1170,9 +1170,9 @@
CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...)
NOT-FOR-US: Newgen OmniDocs
CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...)
- TODO: check
+ NOT-FOR-US: ManageEngine EventLog Analyzer
CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...)
- TODO: check
+ NOT-FOR-US: ManageEngine EventLog Analyzer
CVE-2011-XXXX [roundcube XSS in UI messages]
- roundcube 0.5.4+dfsg-1 (bug #641996)
CVE-2011-XXXX [atftp DoS]
@@ -9933,11 +9933,11 @@
CVE-2011-0555 (The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2011-0554 (The management console in Symantec IM Manager before 8.4.18 allows ...)
- TODO: check
+ NOT-FOR-US: Symantec IM Manager
CVE-2011-0553 (SQL injection vulnerability in the management console in Symantec IM ...)
- TODO: check
+ NOT-FOR-US: Symantec IM Manager
CVE-2011-0552 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
- TODO: check
+ NOT-FOR-US: Symantec IM Manager
CVE-2011-0551 (Cross-site request forgery (CSRF) vulnerability in the Web Interface ...)
NOT-FOR-US: Symantec Endpoint Protection
CVE-2011-0550 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
More information about the Secure-testing-commits
mailing list