[Secure-testing-commits] r46250 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 16 20:07:38 UTC 2016
Author: carnil
Date: 2016-11-16 20:07:38 +0000 (Wed, 16 Nov 2016)
New Revision: 46250
Modified:
data/CVE/list
Log:
NFUs in dotCMS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-16 19:54:35 UTC (rev 46249)
+++ data/CVE/list 2016-11-16 20:07:38 UTC (rev 46250)
@@ -1124,19 +1124,19 @@
NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00015-libwmf-memalloc-wmf_malloc
NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=842090;filename=libwmf-0.2.8.4-CVE-2016-9011-debian.patch;msg=10
CVE-2016-8908 (SQL injection vulnerability in the "Site Browser > HTML pages" screen ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8907 (SQL injection vulnerability in the "Content Types > Content Types" ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8906 (SQL injection vulnerability in the "Site Browser > Links pages" screen ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8905 (SQL injection vulnerability in the JSONTags servlet in dotCMS before ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8904 (SQL injection vulnerability in the "Site Browser > Containers pages" ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8903 (SQL injection vulnerability in the "Site Browser > Templates pages" ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8902 (SQL injection vulnerability in the categoriesServlet servlet in dotCMS ...)
- TODO: check
+ NOT-FOR-US: dotCMS
CVE-2016-8901
RESERVED
CVE-2016-8900
More information about the Secure-testing-commits
mailing list