[Secure-testing-commits] r20344 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Sun Oct 14 09:44:02 UTC 2012
Author: thijs
Date: 2012-10-14 09:44:01 +0000 (Sun, 14 Oct 2012)
New Revision: 20344
Modified:
data/CVE/list
Log:
old nfu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-10-14 09:19:50 UTC (rev 20343)
+++ data/CVE/list 2012-10-14 09:44:01 UTC (rev 20344)
@@ -8775,9 +8775,9 @@
CVE-2012-1899 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: Webfolio CMS
CVE-2012-1898 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Wolf CMS
CVE-2012-1897 (Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS ...)
- TODO: check
+ NOT-FOR-US: Wolf CMS
CVE-2012-1586 (mount.cifs in cifs-utils 2.6 allows local users to determine the ...)
- cifs-utils 2:5.3-2 (low; bug #665923)
[squeeze] - cifs-utils <no-dsa> (Minor issue)
@@ -9284,7 +9284,7 @@
CVE-2012-1672 (SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 ...)
NOT-FOR-US: Hotel Booking Portal
CVE-2012-1671 (Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and ...)
- TODO: check
+ NOT-FOR-US: phpPaleo
CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote ...)
NOT-FOR-US: PHP Grade Book
CVE-2012-1669
@@ -9497,7 +9497,7 @@
RESERVED
- dietlibc 0.33~cvs20120325-1 (unimportant)
CVE-2012-1576 (The myuser_delete function in libathemecore/account.c in Atheme 5.x ...)
- TODO: check
+ NOT-FOR-US: atheme
CVE-2012-1575 (Multiple cross-site scripting (XSS) vulnerabilities in Cumin before ...)
NOT-FOR-US: cumin
CVE-2012-1574 (The Kerberos/MapReduce security functionality in Apache Hadoop ...)
@@ -9729,7 +9729,7 @@
CVE-2012-1471 (Directory traversal vulnerability in catalogue_file.php in ocPortal ...)
- ocportal <itp> (bug #625865)
CVE-2012-1470 (Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php ...)
- TODO: check
+ - ocportal <itp> (bug #625865)
CVE-2012-1469 (Multiple cross-site scripting (XSS) vulnerabilities in Open Journal ...)
- ojs <removed>
CVE-2012-1468 (Incomplete blacklist vulnerability in Open Journal Systems before ...)
@@ -9841,11 +9841,11 @@
CVE-2012-1417
RESERVED
CVE-2012-1416 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: SocialCMS
CVE-2012-1415
RESERVED
CVE-2012-1414 (Cross-site request forgery (CSRF) vulnerability in manager/news.php in ...)
- TODO: check
+ NOT-FOR-US: Plume CMS
CVE-2012-1413 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Zen Cart
CVE-2012-1412
@@ -10058,7 +10058,7 @@
CVE-2012-1309
RESERVED
CVE-2012-1308 (Cross-site request forgery (CSRF) vulnerability in redpass.cgi in ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2012-1307
RESERVED
CVE-2012-1306
@@ -10875,13 +10875,13 @@
CVE-2012-0990 (Cross-site request forgery (CSRF) vulnerability in ...)
NOT-FOR-US: DClassifieds
CVE-2012-0989 (Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial ...)
- TODO: check
+ NOT-FOR-US: OneOrZero AIMS
CVE-2012-0988 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: KnowledgeTree
CVE-2012-0987 (Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x ...)
- TODO: check
+ NOT-FOR-US: ImpressCMS
CVE-2012-0986 (Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS ...)
- TODO: check
+ NOT-FOR-US: ImpressCMS
CVE-2012-0985 (Multiple buffer overflows in the Wireless Manager ActiveX control ...)
NOT-FOR-US: Sony VAIO wireless LAN management ActiveX
CVE-2012-0984
@@ -10905,9 +10905,9 @@
CVE-2012-0975 (Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting ...)
NOT-FOR-US: Image Hosting Script DPI
CVE-2012-0974 (Multiple cross-site scripting (XSS) vulnerabilities in the getParam ...)
- TODO: check
+ NOT-FOR-US: OSClass
CVE-2012-0973 (Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow ...)
- TODO: check
+ NOT-FOR-US: OSClass
CVE-2012-0972
RESERVED
CVE-2012-0971
@@ -11501,7 +11501,7 @@
CVE-2012-0749
RESERVED
CVE-2012-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: IBM Rational Team Concert
CVE-2012-0747 (SQL injection vulnerability in IBM Maximo Asset Management 6.2 through ...)
NOT-FOR-US: IBM Maximo Asset Management
CVE-2012-0746 (Cross-site scripting (XSS) vulnerability in IBM Maximo Asset ...)
@@ -13686,7 +13686,7 @@
CVE-2012-0183 (Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for ...)
NOT-FOR-US: Microsoft Word
CVE-2012-0182 (Microsoft Word 2007 SP2 and SP3 does not properly handle memory during ...)
- TODO: check
+ NOT-FOR-US: Microsoft Word
CVE-2012-0181 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
CVE-2012-0180 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
@@ -14502,11 +14502,11 @@
CVE-2011-4641
RESERVED
CVE-2011-4640 (Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan ...)
- TODO: check
+ NOT-FOR-US: SpamTitan
CVE-2011-4639 (The (1) Traceroute and (2) Ping implementations in tools.php in ...)
- TODO: check
+ NOT-FOR-US: SpamTitan
CVE-2011-4638 (Multiple SQL injection vulnerabilities in SpamTitan WebTitan before ...)
- TODO: check
+ NOT-FOR-US: SpamTitan
CVE-2011-4637
RESERVED
CVE-2011-4636
@@ -14771,15 +14771,15 @@
CVE-2011-4549
RESERVED
CVE-2010-5067 (Virtual War (aka VWar) 1.6.1 R2 uses static session cookies that ...)
- TODO: check
+ NOT-FOR-US: Virtual War
CVE-2010-5066 (The createRandomPassword function in includes/functions_common.php in ...)
- TODO: check
+ NOT-FOR-US: Virtual War
CVE-2010-5065 (popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Virtual War
CVE-2010-5064 (Multiple cross-site scripting (XSS) vulnerabilities in Virtual War ...)
- TODO: check
+ NOT-FOR-US: Virtual War
CVE-2010-5063 (SQL injection vulnerability in article.php in Virtual War (aka VWar) ...)
- TODO: check
+ NOT-FOR-US: Virtual War
CVE-2011-4548 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- chromium-browser <not-affected>
- webkit <not-affected>
@@ -16818,7 +16818,7 @@
- webkit <undetermined>
- libxml2 2.7.8.dfsg-7 (bug #656377)
CVE-2011-3918 (The Zygote process in Android 4.0.3 and earlier accepts fork requests ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2011-3917 (Stack-based buffer overflow in FileWatcher in Google Chrome before ...)
- chromium-browser 16.0.912.63~r113337-1
- webkit <undetermined>
More information about the Secure-testing-commits
mailing list