[Secure-testing-commits] r35343 - data/CVE

Helmut Grohne helmutg at moszumanska.debian.org
Mon Jul 6 13:27:01 UTC 2015


Author: helmutg
Date: 2015-07-06 13:27:01 +0000 (Mon, 06 Jul 2015)
New Revision: 35343

Modified:
   data/CVE/list
Log:
TYPO3 extension NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-06 13:24:54 UTC (rev 35342)
+++ data/CVE/list	2015-07-06 13:27:01 UTC (rev 35343)
@@ -1626,21 +1626,21 @@
 CVE-2015-4614
 	RESERVED
 CVE-2015-4613 (SQL injection vulnerability in the backend module in the Developer Log ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension devlog
 CVE-2015-4612 (SQL injection vulnerability in the "FAQ - Frequently Asked Questions" ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension js_faq
 CVE-2015-4611 (SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension ncgov_smoelenboek
 CVE-2015-4610 (SQL injection vulnerability in the Store Locator (locator) extension ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension locator
 CVE-2015-4609 (SQL injection vulnerability in the wt_directory extension before 1.4.2 ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension wt_directory
 CVE-2015-4608 (Cross-site scripting (XSS) vulnerability in the BE User Log ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension beko_beuserlog
 CVE-2015-4607 (Unrestricted file upload vulnerability in the Frontend User Upload ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension feupload
 CVE-2015-4606 (Unrestricted file upload vulnerability in the Job Fair (jobfair) ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension jobfair
 CVE-2015-4597
 	RESERVED
 CVE-2015-4596
@@ -6574,7 +6574,7 @@
 CVE-2015-2804 (The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, ...)
 	NOT-FOR-US: Alcatel-Lucent OmniSwitch
 CVE-2015-2803 (SQL injection vulnerability in mod1/index.php in the Akronymmanager ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 extension sb_akronymmanager
 CVE-2015-2802
 	RESERVED
 CVE-2015-2801




More information about the Secure-testing-commits mailing list