thomasbl-guest at alioth.debian.org
2008-Aug-02 15:01 UTC
[Secure-testing-commits] r9495 - data/CVE
Author: thomasbl-guest Date: 2008-08-02 15:01:37 +0000 (Sat, 02 Aug 2008) New Revision: 9495 Modified: data/CVE/list Log: fckeditor note added Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-08-02 14:56:45 UTC (rev 9494) +++ data/CVE/list 2008-08-02 15:01:37 UTC (rev 9495) @@ -214,6 +214,10 @@ NOT-FOR-US: CreaCMS CVE-2008-3312 (Directory traversal vulnerability in ...) - fckeditor <not-affected> (Vulnerable code not present) + NOTE: I think it''s an issue special for lemon CMS, because in the + NOTE: actually version of FCKeditor there isn''t the vuln code present + NOTE: mentioned in the CVE, but for sure: + TODO: check other packages which have the source from fckeditor included! CVE-2008-3311 (PHP remote file inclusion vulnerability in config.php in Adam ...) NOT-FOR-US: Adam Scheinberg Flip CVE-2008-3310 (SQL injection vulnerability in default.asp in Pre Survey Poll allows ...)