white at alioth.debian.org
2009-Feb-10 23:22 UTC
[Secure-testing-commits] r11187 - data/CVE
Author: white Date: 2009-02-10 23:22:34 +0000 (Tue, 10 Feb 2009) New Revision: 11187 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-10 23:09:58 UTC (rev 11186) +++ data/CVE/list 2009-02-10 23:22:34 UTC (rev 11187) @@ -17,19 +17,19 @@ CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...) TODO: check CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...) - TODO: check + NOT-FOR-US: Openfire CVE-2009-0496 (Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime ...) - TODO: check + NOT-FOR-US: Openfire CVE-2009-0495 (PHP remote file inclusion vulnerability in include/define.php in ...) - TODO: check + NOT-FOR-US: REALTOR CVE-2009-0494 (SQL injection vulnerability in the Portfol (com_portfol) 1.2 component ...) - TODO: check + NOT-FOR-US: Joomla CVE-2009-0493 (SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier ...) - TODO: check + NOT-FOR-US: IT CMS CVE-2009-0492 (Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has ...) - TODO: check + NOT-FOR-US: SimpleIrcBot CVE-2009-0491 (Stack-based buffer overflow in Elecard MPEG Player 5.5 build ...) - TODO: check + NOT-FOR-US: Elecard MPEG Player CVE-2009-0488 (Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 ...) NOT-FOR-US: Phorum CVE-2009-0486 (Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls ...) @@ -47,23 +47,23 @@ CVE-2009-0481 (Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and ...) TODO: check CVE-2009-0480 (The IP implementation in Sun Solaris 8 through 10, and OpenSolaris ...) - TODO: check + NOT-FOR-US: Solaris CVE-2008-6098 (Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, ...) TODO: check CVE-2008-6097 (Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before ...) - TODO: check + NOT-FOR-US: WikyBlog CVE-2008-6096 (Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS ...) - TODO: check + NOT-FOR-US: Juniper NetScreen ScreenOS CVE-2008-6095 (Cross-site scripting (XSS) vulnerability in surveillanceView.htm in ...) - TODO: check + NOT-FOR-US: OpenNMS CVE-2008-6094 (Cross-site scripting (XSS) vulnerability in user.do in Celoxis ...) - TODO: check + NOT-FOR-US: Celoxis Technologies Celoxis CVE-2008-6093 (SQL injection vulnerability in index.php in Noname CMS 1.0, when ...) - TODO: check + NOT-FOR-US: Noname CMS CVE-2008-6092 (phpscripts Ranking Script allows remote attackers to bypass ...) - TODO: check + NOT-FOR-US: phpscripts Ranking Script CVE-2008-6091 (SQL injection vulnerability in plugins.php in BMForum 5.6, when ...) - TODO: check + NOT-FOR-US: BMForum CVE-2009-0489 (The DBus configuration file for Wicd before 1.5.9 allows arbitrary ...) - wicd 1.5.9-1 CVE-2009-XXXX [typo3 information disclosure & xss] @@ -164,41 +164,41 @@ CVE-2009-0432 RESERVED CVE-2008-6090 (Directory traversal vulnerability in members.php in ScriptsEz Mini ...) - TODO: check + NOT-FOR-US: ScriptsEz Mini Hosting Panel CVE-2008-6089 (Directory traversal vulnerability in main.php in ScriptsEz Easy Image ...) - TODO: check + NOT-FOR-US: ScriptsEz CVE-2008-6088 (SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6087 (Cross-site scripting (XSS) vulnerability in topic.php in Camera Life ...) - TODO: check + NOT-FOR-US: Camera Life CVE-2008-6086 (SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows ...) - TODO: check + NOT-FOR-US: Camera Life CVE-2008-6085 (Integer overflow in multiple F-Secure anti-virus products, including ...) - TODO: check + NOT-FOR-US: F-Secure CVE-2008-6084 (Unrestricted file upload vulnerability in pages/download.php in Iamma ...) - TODO: check + NOT-FOR-US: Iamma Simple Gallery CVE-2008-6083 (Directory traversal vulnerability in header.php in TXTshop beta 1.0 ...) - TODO: check + NOT-FOR-US: TXTshop CVE-2008-6082 (Titan FTP Server 6.26 build 630 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Titan FTP Server CVE-2008-6081 (SQL injection vulnerability in contact.php in Simple Customer 1.2 ...) - TODO: check + NOT-FOR-US: Simple Customer CVE-2008-6080 (Directory traversal vulnerability in download.php in the ionFiles ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6079 (Multiple unspecified vulnerabilities in imlib2 before 1.4.2 have ...) TODO: check CVE-2008-6078 (SQL injection vulnerability in open.php in the Private Messaging ...) - TODO: check + NOT-FOR-US: Limbo CMS CVE-2008-6077 (SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a ...) - TODO: check + NOT-FOR-US: LoudBlog CVE-2008-6076 (SQL injection vulnerability in the Daily Message (com_dailymessage) ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6075 (SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 ...) TODO: check CVE-2008-6074 (Directory traversal vulnerability in frame.php in phpcrs 2.06 and ...) - TODO: check + NOT-FOR-US: phpcrs CVE-2008-6073 (StorageCrypt 2.0.1 does not properly encrypt disks, which allows local ...) - TODO: check + NOT-FOR-US: StorageCrypt CVE-2008-6072 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, ...) TODO: check CVE-2008-6071 (Heap-based buffer overflow in the DecodeImage function in ...) @@ -206,23 +206,23 @@ CVE-2008-6070 (Multiple heap-based buffer underflows in the ReadPALMImage function in ...) TODO: check CVE-2008-6069 (SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 ...) - TODO: check + NOT-FOR-US: eChat plugin CVE-2008-6068 (SQL injection vulnerability in the JoomlaDate (com_joomladate) ...) - TODO: check + NOT-FOR-US: Joomla CVE-2003-1569 (GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote ...) - TODO: check + NOT-FOR-US: Windows CVE-2003-1568 (GoAhead WebServer before 2.1.6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2002-2431 (Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2002-2430 (GoAhead WebServer before 2.1.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2002-2429 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2002-2428 (webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2002-2427 (The security handler in GoAhead WebServer before 2.1.1 allows remote ...) - TODO: check + NOT-FOR-US: GoAhead WebServer CVE-2008-XXXX [iceweasel-firegpg: Passphrase and Cleartext Recovery] - iceweasel-firegpg <unfixed> (bug #514386) CVE-2009-0431 (SQL injection vulnerability in Default.asp in LinksPro Standard ...)