white at alioth.debian.org
2008-Sep-03 09:44 UTC
[Secure-testing-commits] r9729 - data/CVE
Author: white Date: 2008-09-03 09:44:56 +0000 (Wed, 03 Sep 2008) New Revision: 9729 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-09-02 21:14:29 UTC (rev 9728) +++ data/CVE/list 2008-09-03 09:44:56 UTC (rev 9729) @@ -1,13 +1,13 @@ CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 ...) - TODO: check + NOT-FOR-US: Mini-NUKE Freehost CVE-2008-3887 (Multiple SQL injection vulnerabilities in index.php in dotProject ...) - TODO: check + NOT-FOR-US: dotProject CVE-2008-3886 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: dotProject CVE-2008-3885 (Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) ...) - TODO: check + NOT-FOR-US: Blogn CVE-2008-3884 (Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and ...) - TODO: check + NOT-FOR-US: Blogn CVE-2008-3883 (configvar in Caudium 1.4.12 allows local users to overwrite arbitrary ...) TODO: check CVE-2008-3882 (ZoneMinder 1.23.3 and earlier allows remote attackers to execute ...) @@ -17,17 +17,17 @@ CVE-2008-3880 (SQL injection vulnerability in zm_html_view_event.php in ZoneMinder ...) TODO: check CVE-2008-3879 (The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 ...) - TODO: check + NOT-FOR-US: ActiveX control in OfficeCtrl.ocx CVE-2008-3878 (Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control ...) - TODO: check + NOT-FOR-US: ActiveX control in OfficeCtrl.ocx CVE-2008-3877 (Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 ...) - TODO: check + NOT-FOR-US: Acoustica Mixcraft CVE-2008-3876 (Apple iPhone 2.0.2, in some configurations, allows physically ...) - TODO: check + NOT-FOR-US: Apple iPhone CVE-2008-3875 (The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 ...) - TODO: check + NOT-FOR-US: Sun Solaris 8 CVE-2008-3874 (Cross-site scripting (XSS) vulnerability in account.php in Lussumo ...) - TODO: check + NOT-FOR-US: Lussumo Vanilla CVE-2008-3873 (The System.setClipboard method in Adobe Flash Player allows remote ...) TODO: check CVE-2008-3872 @@ -53,41 +53,41 @@ CVE-2008-3862 RESERVED CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and ...) - TODO: check + NOT-FOR-US: phpMyRealty CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG ...) TODO: check CVE-2008-3859 (Davlin Thickbox Gallery 2 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Davlin Thickbox Gallery CVE-2008-3858 (The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3857 (The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3856 (The routine infrastructure component in IBM DB2 9.1 before Fixpak 5 on ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3855 (Unspecified vulnerability in the DB2 Administration Server (DAS) in ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3854 (Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3853 (Buffer overflow in the DAS server program in the Core DAS function ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3852 (Unspecified vulnerability in the CLR stored procedure deployment from ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2008-3851 (Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on ...) - TODO: check + NOT-FOR-US: Pluck CMS CVE-2008-3850 (Cross-site scripting (XSS) vulnerability in Accellion File Transfer ...) - TODO: check + NOT-FOR-US: Accellion File Transfer CVE-2008-3849 (Cross-site scripting (XSS) vulnerability in the calendar controller in ...) - TODO: check + NOT-FOR-US: Civic Website Manager CVE-2008-3848 (SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows ...) - TODO: check + NOT-FOR-US: Z-Breaknews CVE-2008-3847 (Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook ...) TODO: check CVE-2008-3846 (Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and ...) - TODO: check + NOT-FOR-US: mysql-lists CVE-2008-3845 (Multiple SQL injection vulnerabilities in Crafty Syntax Live Help ...) - TODO: check + NOT-FOR-US: Crafty Syntax Live Help CVE-2003-1564 (libxml2, possibly before 2.5.0, does not properly detect recursion ...) - TODO: check + NOT-FOR-US: Old CVE id CVE-2008-XXXX [nfdump vulnerable to symlink attacks] - nfdump <unfixed> (bug #497452) CVE-2008-3889 [postfix local DoS]