[Secure-testing-commits] r20451 - data/CVE
Helmut Grohne
helmut-guest at alioth.debian.org
Tue Nov 6 10:19:03 UTC 2012
Author: helmut-guest
Date: 2012-11-06 10:19:02 +0000 (Tue, 06 Nov 2012)
New Revision: 20451
Modified:
data/CVE/list
Log:
NFUs, websvn and cacti undetermined
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-06 09:46:11 UTC (rev 20450)
+++ data/CVE/list 2012-11-06 10:19:02 UTC (rev 20451)
@@ -315,7 +315,7 @@
NOT-FOR-US: IrfanView
CVE-2011-5232
REJECTED
- TODO: check
+ NOT-FOR-US: IrfanView plugin
CVE-2011-5231
REJECTED
CVE-2011-5230 (Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass ...)
@@ -327,33 +327,33 @@
CVE-2011-5227 (Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in ...)
NOT-FOR-US: Enterasys Network Management Suite
CVE-2011-5226 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Sentinel
CVE-2011-5225 (Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Sentinel
CVE-2011-5224 (SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin Sentinel
CVE-2011-5223 (Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti ...)
- TODO: check
+ - cacti <undetermined>
CVE-2011-5222 (SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and ...)
- TODO: check
+ NOT-FOR-US: PHP Flirt-Projekt
CVE-2011-5221 (Cross-site scripting (XSS) vulnerability in the getLog function in ...)
- TODO: check
+ - websvn <undetermined>
CVE-2011-5220 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: PHP-SCMS
CVE-2011-5219 (Directory traversal vulnerability in examples/show_code.php in mPDF ...)
- TODO: check
+ NOT-FOR-US: mPDF
CVE-2011-5218 (SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows ...)
NOT-FOR-US: DotA OpenStats
CVE-2011-5217 (Directory traversal vulnerability in the PXE Mtftp service in Hitachi ...)
- TODO: check
+ NOT-FOR-US: Hitachi JP1/ServerConductor/DeploymentManager
CVE-2011-5216 (SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin SCORM Cloud
CVE-2011-5215 (SQL injection vulnerability in index.php in Video Community Portal ...)
- TODO: check
+ NOT-FOR-US: Video Community Portal
CVE-2011-5214 (Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM ...)
- TODO: check
+ NOT-FOR-US: BrowserCRM
CVE-2011-5213 (Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and ...)
- TODO: check
+ NOT-FOR-US: BrowserCRM
CVE-2012-5672 (Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office ...)
NOT-FOR-US: Microsoft Office
CVE-2012-5671 (Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...)
@@ -793,7 +793,7 @@
CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
NOT-FOR-US: Zoner AntiVirus Free
CVE-2012-5455 (Cross-site scripting (XSS) vulnerability in the language search ...)
- TODO: check
+ NOT-FOR-US: Joomla! component
CVE-2012-5454 (user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not ...)
NOT-FOR-US: ATutor AContent
CVE-2012-5453 (SQL injection vulnerability in user/index_inline_editor_submit.php in ...)
@@ -933,7 +933,7 @@
CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
NOT-FOR-US: White Label CMS
CVE-2012-5387 (Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin White Label CMS
CVE-2012-5386 (Directory traversal vulnerability in index.php in phpPaleo 4.8b180 ...)
NOT-FOR-US: phpPaleo
CVE-2012-5385 (install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows ...)
@@ -3393,7 +3393,7 @@
CVE-2012-4502
RESERVED
CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
- TODO: check
+ NOT-FOR-US: CloudStack
CVE-2012-4500 (The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows ...)
TODO: check
CVE-2012-4499 (The contact formatter page in the Email Field module 6.x-1.x before ...)
More information about the Secure-testing-commits
mailing list