white at alioth.debian.org
2008-Aug-30 05:49 UTC
[Secure-testing-commits] r9700 - data/CVE
Author: white Date: 2008-08-30 05:49:18 +0000 (Sat, 30 Aug 2008) New Revision: 9700 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-08-29 20:06:28 UTC (rev 9699) +++ data/CVE/list 2008-08-30 05:49:18 UTC (rev 9700) @@ -3,9 +3,9 @@ CVE-2008-3844 (Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, ...) NOT-FOR-US: Red Hat services issue CVE-2008-3843 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework CVE-2008-3842 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...) - TODO: check + NOT-FOR-US: Microsoft .NET Framework CVE-2008-3841 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...) NOT-FOR-US: Freeway eCommerce CVE-2008-3840 (Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in ...) @@ -107,67 +107,68 @@ CVE-2008-3791 RESERVED CVE-2008-3788 (Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, ...) - TODO: check + NOT-FOR-US: PICTURESPRO Photo Cart 3.9 CVE-2008-3787 (SQL injection vulnerability in listing_view.php in Web Directory ...) - TODO: check + NOT-FOR-US: Web Directory Script CVE-2008-3786 (Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO ...) - TODO: check + NOT-FOR-US: PICTURESPRO Photo Cart 3.9 CVE-2008-3785 (Multiple SQL injection vulnerabilities in the com_content component in ...) - TODO: check + NOT-FOR-US: MiaCMS CVE-2008-3784 (SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and ...) - TODO: check + NOT-FOR-US: BtiTracker CVE-2008-3783 (Multiple SQL injection vulnerabilities in index.php in Matterdaddy ...) - TODO: check + NOT-FOR-US: Matterdaddy Market CVE-2008-3782 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...) - TODO: check + NOT-FOR-US: ACG-PTP CVE-2008-3781 (Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 ...) - TODO: check + NOT-FOR-US: GMOD GBrowse CVE-2008-3780 (SQL injection vulnerability in recommend.php in Five Star Review ...) - TODO: check + NOT-FOR-US: Five Star Review Script CVE-2008-3779 (Cross-site scripting (XSS) vulnerability in search/index.php in Five ...) - TODO: check + NOT-FOR-US: Five Star Review Script CVE-2008-3778 (The remote management interface in SIP Enablement Services (SES) ...) - TODO: check + NOT-FOR-US: Avaya SIP Enablement Services CVE-2008-3777 (The SIP Enablement Services (SES) Server in Avaya SIP Enablement ...) - TODO: check + NOT-FOR-US: Avaya SIP Enablement Services CVE-2008-3776 (Directory traversal vulnerability in Fujitsu Web-Based Admin View ...) - TODO: check + NOT-FOR-US: Fujitsu Web-Based Admin View CVE-2008-3775 (Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the ...) - TODO: check + NOT-FOR-US: Folder Lock CVE-2008-3774 (SQL injection vulnerability in index.php in Simasy CMS allows remote ...) - TODO: check + NOT-FOR-US: Simasy CMS CVE-2008-3773 (Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and ...) - TODO: check + NOT-FOR-US: vBulletin CVE-2008-3772 (SQL injection vulnerability in categories_portal.php in Pars4u ...) - TODO: check + NOT-FOR-US: Pars4u Videosharing CVE-2008-3771 (Cross-site scripting (XSS) vulnerability in members.php in Pars4u ...) - TODO: check + NOT-FOR-US: Pars4u Videosharing CVE-2008-3770 (Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, ...) - TODO: check + NOT-FOR-US: Freeway CVE-2008-3769 (PHP remote file inclusion vulnerability in admin/create_order_new.php ...) - TODO: check + NOT-FOR-US: Freeway CVE-2008-3768 (Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey ...) - TODO: check + NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart CVE-2008-3767 (SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows ...) - TODO: check + NOT-FOR-US: phpBazar CVE-2008-3766 (Realtime Internet Band Rehearsal Low-Latency (Internet) Connection ...) - TODO: check + NOT-FOR-US: Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon) CVE-2008-3765 (SQL injection vulnerability in code.php in Quick Poll Script allows ...) - TODO: check + NOT-FOR-US: Quick Poll Script CVE-2008-3764 (Eval injection vulnerability in chat.php in Turnkey PHP Live Helper ...) - TODO: check + NOT-FOR-US: Turnkey PHP Live Helper CVE-2008-3763 (Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live ...) - TODO: check + NOT-FOR-US: Turnkey PHP Live Helper CVE-2008-3762 (SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP ...) - TODO: check + NOT-FOR-US: Turnkey PHP Live Helper CVE-2008-3761 (hcmon.sys in VMware Workstation 6.0.0.45731 uses the METHOD_NEITHER ...) - TODO: check + NOT-FOR-US: VMware Workstation + NOTE: we only share a package to build VMware CVE-2008-3760 (Cross-site request forgery (CSRF) vulnerability in the sign-out page ...) - TODO: check + NOT-FOR-US: Vanilla CVE-2008-3759 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: Vanilla CVE-2008-3758 (Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla ...) - TODO: check + NOT-FOR-US: Vanilla CVE-2008-3757 (SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix ...) NOT-FOR-US: YourFreeWorld CVE-2008-3756 (SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing ...)