white at alioth.debian.org
2009-Mar-01 07:09 UTC
[Secure-testing-commits] r11289 - data/CVE
Author: white Date: 2009-03-01 07:09:39 +0000 (Sun, 01 Mar 2009) New Revision: 11289 Modified: data/CVE/list Log: More NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-01 06:33:18 UTC (rev 11288) +++ data/CVE/list 2009-03-01 07:09:39 UTC (rev 11289) @@ -128,23 +128,23 @@ CVE-2009-0681 RESERVED CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows ...) - TODO: check + NOT-FOR-US: Netgear CVE-2009-0679 (Cross-site scripting (XSS) vulnerability in the Your Account module in ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0678 (images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0677 (avatarlist.php in the Your Account module, reached through ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0676 (The sock_getsockopt function in net/core/sock.c in the Linux kernel ...) TODO: check CVE-2009-0675 (The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux ...) TODO: check CVE-2009-0674 (images/captcha.php in Raven Web Services RavenNuke 2.30, when ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0673 (Eval injection vulnerability in the Custom Fields feature in the Your ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0672 (SQL injection vulnerability in the Resend_Email module in Raven Web ...) - TODO: check + NOT-FOR-US: RavenNuke CVE-2009-0671 REJECTED CVE-2009-0670 @@ -170,15 +170,15 @@ CVE-2009-0660 RESERVED CVE-2009-0659 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...) - TODO: check + NOT-FOR-US: TPTEST CVE-2009-0658 (Buffer overflow in Adobe Reader 9.0 and earlier and Acrobat 9.0 and ...) - TODO: check + NOT-FOR-US: Adobe Reader CVE-2009-0657 (Toshiba Face Recognition 2.0.2.32 allows physically proximate ...) - TODO: check + NOT-FOR-US: Toshiba Face Recognition CVE-2009-0656 (Asus SmartLogon 1.0.0005 allows physically proximate attackers to ...) - TODO: check + NOT-FOR-US: Asus SmartLogon CVE-2009-0655 (Lenovo Veriface III allows physically proximate attackers to login to ...) - TODO: check + NOT-FOR-US: Lenovo Veriface CVE-2009-0654 (Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote ...) TODO: check CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...) @@ -186,79 +186,79 @@ CVE-2009-0652 (Mozilla Firefox 3.0.6 does not properly prevent the literal rendering ...) TODO: check CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka vnetd) in ...) - TODO: check + NOT-FOR-US: Veritas network daemon CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...) - TODO: check + NOT-FOR-US: TPTEST CVE-2009-0649 (The web browser in Symbian OS on the Nokia N95 cell phone allows ...) - TODO: check + NOT-FOR-US: Symbian OS CVE-2008-6288 (Directory traversal vulnerability in download.php in Interface Medien ...) - TODO: check + NOT-FOR-US: Interface Medien ibase CVE-2008-6287 (Multiple PHP remote file inclusion vulnerabilities in Broadcast ...) - TODO: check + NOT-FOR-US: Broadcast Machine CVE-2008-6286 (Multiple SQL injection vulnerabilities in SubscriberStart.asp in ...) - TODO: check + NOT-FOR-US: Active Newsletter CVE-2008-6285 (SQL injection vulnerability in index.php in PHP TV Portal 2.0 and ...) - TODO: check + NOT-FOR-US: PHP TV Portal CVE-2008-6284 (SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows ...) - TODO: check + NOT-FOR-US: Z1Exchange CVE-2008-6283 (Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Subtext CVE-2008-6282 (SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS ...) - TODO: check + NOT-FOR-US: CMS Ortus CVE-2008-6281 (SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote ...) - TODO: check + NOT-FOR-US: Bluo CMS CVE-2008-6280 (Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys ...) - TODO: check + NOT-FOR-US: Linksys WRT160N CVE-2008-6279 (RakhiSoftware Price Comparison Script (aka Shopping Cart) allows ...) - TODO: check + NOT-FOR-US: RakhiSoftware Price Comparison Script CVE-2008-6278 (Multiple cross-site scripting (XSS) vulnerabilities in product.php in ...) - TODO: check + NOT-FOR-US: RakhiSoftware Price Comparison Script CVE-2008-6277 (SQL injection vulnerability in product.php in RakhiSoftware Price ...) - TODO: check + NOT-FOR-US: RakhiSoftware Price Comparison Script CVE-2008-6276 (Multiple SQL injection vulnerabilities in the User Karma module 5.x ...) TODO: check CVE-2008-6275 (Cross-site scripting (XSS) vulnerability in the User Karma module 5.x ...) TODO: check CVE-2008-6274 (Multiple SQL injection vulnerabilities in index.php in FamilyProject ...) - TODO: check + NOT-FOR-US: FamilyProject CVE-2008-6273 (Directory traversal vulnerability in configuration_script.php in ...) - TODO: check + NOT-FOR-US: MyKtools CVE-2008-6272 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll ...) - TODO: check + NOT-FOR-US: Dragan Mitic Apoll CVE-2008-6271 (Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when ...) - TODO: check + NOT-FOR-US: TBmnetCMS CVE-2008-6270 (SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll ...) - TODO: check + NOT-FOR-US: Dragan Mitic Apoll CVE-2008-6269 (Joovili 3.1.4 allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: Joovili CVE-2008-6268 (SQL injection vulnerability in detail.php in Multi Languages WebShop ...) - TODO: check + NOT-FOR-US: Multi Languages WebShop Online CVE-2008-6267 (Cross-site scripting (XSS) vulnerability in detail.php in Multi ...) - TODO: check + NOT-FOR-US: Multi Languages WebShop Online CVE-2008-6266 (SQL injection vulnerability in links.php in Appalachian State ...) - TODO: check + NOT-FOR-US: phpWebSite CVE-2008-6265 (Directory traversal vulnerability in portfolio/css.php in Cyberfolio ...) - TODO: check + NOT-FOR-US: Cyberfolio CVE-2008-6264 (SQL injection vulnerability in admin/admin.php in E-topbiz Slide ...) - TODO: check + NOT-FOR-US: E-topbiz Slide Popups CVE-2008-6263 (SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows ...) - TODO: check + NOT-FOR-US: SaturnCMS CVE-2008-6262 (SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS ...) - TODO: check + NOT-FOR-US: SaturnCMS CVE-2008-6261 (SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows ...) - TODO: check + NOT-FOR-US: E-topbiz AdManager CVE-2008-6260 (SQL injection vulnerability in index.php in Ultrastats 0.2.144 and ...) - TODO: check + NOT-FOR-US: Ultrastats CVE-2008-6259 (Cross-site scripting (XSS) vulnerability in search.asp in QuadComm ...) - TODO: check + NOT-FOR-US: QuadComm Q-Shop CVE-2008-6258 (SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and ...) - TODO: check + NOT-FOR-US: QuadComm Q-Shop CVE-2008-6257 (SQL injection vulnerability in default.asp in Openasp 3.0 and earlier ...) - TODO: check + NOT-FOR-US: Openasp CVE-2008-6256 (SQL injection vulnerability in admincp/admincalendar.php in vBulletin ...) - TODO: check + NOT-FOR-US: vBulletin CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote ...) - TODO: check + NOT-FOR-US: vBulletin CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu Galaxies ...) TODO: check CVE-2008-6253 (Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in ...)