white at alioth.debian.org
2009-Feb-05 21:42 UTC
[Secure-testing-commits] r11156 - data/CVE
Author: white Date: 2009-02-05 21:42:38 +0000 (Thu, 05 Feb 2009) New Revision: 11156 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-05 21:14:14 UTC (rev 11155) +++ data/CVE/list 2009-02-05 21:42:38 UTC (rev 11156) @@ -1,75 +1,75 @@ CVE-2009-0431 (SQL injection vulnerability in Default.asp in LinksPro Standard ...) - TODO: check + NOT-FOR-US: LinksPro CVE-2009-0430 (Multiple cross-site scripting (XSS) vulnerabilities in Active Bids ...) - TODO: check + NOT-FOR-US: Active Bids CVE-2009-0429 (Multiple SQL injection vulnerabilities in Active Bids allow remote ...) - TODO: check + NOT-FOR-US: Active Bids CVE-2009-0428 (SQL injection vulnerability in ...) - TODO: check + NOT-FOR-US: DMXReady Secure Document CVE-2009-0427 (SQL injection vulnerability in ...) - TODO: check + NOT-FOR-US: DMXReady Secure Document CVE-2009-0426 (SQL injection vulnerability in ...) - TODO: check + NOT-FOR-US: DMXReady Secure Document CVE-2009-0425 (SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and ...) - TODO: check + NOT-FOR-US: Blue Eye CMS CVE-2009-0424 (Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook ...) - TODO: check + NOT-FOR-US: AN Guestbook CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo Album ...) - TODO: check + NOT-FOR-US: Php Photo Album CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in ...) - TODO: check + NOT-FOR-US: phpList CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing) 1.6.x ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0419 (Microsoft XML Core Services, as used in Microsoft Expression Web, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX ...) - TODO: check + NOT-FOR-US: HP HP-UX CVE-2008-6067 (SQL injection vulnerability in search_results.php in E-Shop Shopping ...) - TODO: check + NOT-FOR-US: E-Shop Shopping Cart CVE-2008-6066 (Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 ...) - TODO: check + NOT-FOR-US: Meet#Web CVE-2008-6065 (Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE ...) - TODO: check + NOT-FOR-US: Oracle Database Server CVE-2008-6064 (Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote ...) - TODO: check + NOT-FOR-US: DomPHP CVE-2008-6063 (Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2008-6062 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...) - TODO: check + NOT-FOR-US: Adobe Dreamweaver CVE-2008-6061 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...) - TODO: check + NOT-FOR-US: Techsmith Camtasia Studio CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary ...) - TODO: check + NOT-FOR-US: InfoSoft FusionCharts CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not ...) TODO: check CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote ...) - TODO: check + NOT-FOR-US: Syslserve CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under ...) - TODO: check + NOT-FOR-US: Doug Luxem Liberum Help Desk CVE-2008-6056 (Multiple cross-site scripting (XSS) vulnerabilities in World Recipe ...) - TODO: check + NOT-FOR-US: World Recipe CVE-2008-6055 (PreProjects Pre Classified Listings stores pclasp.mdb under the web ...) - TODO: check + NOT-FOR-US: PreProjects Pre Classified Listings CVE-2008-6054 (PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under ...) - TODO: check + NOT-FOR-US: PreProjects Pre Classified Listings CVE-2008-6053 (PreProjects Pre Resume Submitter stores onlineresume.mdb under the web ...) - TODO: check + NOT-FOR-US: PreProjects Pre Classified Listings CVE-2008-6052 (PreProjects Pre E-Learning Portal stores db_elearning.mdb under the ...) - TODO: check + NOT-FOR-US: PreProjects Pre Classified Listings CVE-2008-6051 (MetaCart Free stores metacart.mdb under the web root with insufficient ...) - TODO: check + NOT-FOR-US: MetaCart Free CVE-2008-6050 (SQL injection vulnerability in the Tech Articles (com_tech_article) ...) - TODO: check + NOT-FOR-US: Tech Articles CVE-2008-6049 (SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows ...) TODO: check CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS ...) - TODO: check + NOT-FOR-US: TangoCMS CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 ...) - TODO: check + NOT-FOR-US: ADbNewsSender CVE-2008-6046 (SQL injection vulnerability in ADbNewsSender before 1.5.2 allows ...) - TODO: check + NOT-FOR-US: ADbNewsSender CVE-2009-0417 RESERVED CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards Based ...) @@ -563,13 +563,13 @@ - moin 1.8.1-1.1 (low) NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad CVE-2009-0276 (Cross-domain vulnerability in the V8 JavaScript engine in Google ...) - TODO: check + NOT-FOR-US: Google Chrome CVE-2009-0274 (Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2009-0273 (Multiple cross-site scripting (XSS) vulnerabilities in Novell ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2009-0272 (Cross-site request forgery (CSRF) vulnerability in Novell GroupWise ...) - TODO: check + NOT-FOR-US: Novell GroupWise CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel ...) - linux-2.6 <unfixed> [etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)