[Secure-testing-commits] r19456 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Thu Jun 7 19:48:50 UTC 2012
Author: thijs
Date: 2012-06-07 19:48:50 +0000 (Thu, 07 Jun 2012)
New Revision: 19456
Modified:
data/CVE/list
Log:
struts issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-06-07 19:43:21 UTC (rev 19455)
+++ data/CVE/list 2012-06-07 19:48:50 UTC (rev 19456)
@@ -5460,8 +5460,7 @@
CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...)
- ocaml <unfixed> (low; bug #659149)
CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...)
- - libstruts1.2-java <undetermined>
- NOTE: likely unaffected, because of version difference
+ - libstruts1.2-java <not-affected> (struts 2 issue)
CVE-2012-0837
RESERVED
NOT-FOR-US: Joomla!
@@ -16534,9 +16533,9 @@
CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the ...)
NOT-FOR-US: ICONICS BizViz, GENESIS32
CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in ...)
- - libstruts1.2-java <undetermined>
+ - libstruts1.2-java <not-affected> (struts 2 issue)
CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component ...)
- - libstruts1.2-java <undetermined>
+ - libstruts1.2-java <not-affected> (struts 2 issue)
CVE-2011-2086
RESERVED
CVE-2011-2085 (Multiple cross-site request forgery (CSRF) vulnerabilities in Best ...)
More information about the Secure-testing-commits
mailing list