kees at alioth.debian.org
2009-Mar-23 21:47 UTC
[Secure-testing-commits] r11465 - data/CVE
Author: kees Date: 2009-03-23 21:47:41 +0000 (Mon, 23 Mar 2009) New Revision: 11465 Modified: data/CVE/list Log: NFUs: 41 Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-23 21:14:12 UTC (rev 11464) +++ data/CVE/list 2009-03-23 21:47:41 UTC (rev 11465) @@ -1,17 +1,17 @@ CVE-2009-1040 (Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote ...) NOT-FOR-US: WinAsm CVE-2009-1039 (Buffer overflow in CDex 1.70b2 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: CDex CVE-2009-1038 (Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote ...) NOT-FOR-US: YAP Blog CVE-2009-1037 (Unspecified vulnerability in the Send by e-mail module in the ...) - TODO: check + NOT-FOR-US: Send by e-mail module for Drupal CVE-2009-1036 (Cross-site request forgery (CSRF) vulnerability in the Plus 1 module ...) - TODO: check + NOT-FOR-US: Plus 1 module for Drupal CVE-2009-1035 (Cross-site scripting (XSS) vulnerability in Tasklist module 5.x-1.x ...) - TODO: check + NOT-FOR-US: Tasklist module for Drupal CVE-2009-1034 (SQL injection vulnerability in the Tasklist module 5.x-1.x before ...) - TODO: check + NOT-FOR-US: Tasklist module for Drupal CVE-2009-1033 (SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier ...) NOT-FOR-US: DeluxeBB CVE-2009-1032 (SQL injection vulnerability in gallery_list.php in YABSoft Advanced ...) 
@@ -21,21 +21,21 @@ CVE-2009-1030 (Cross-site scripting (XSS) vulnerability in the choose_primary_blog ...) - wordpress-mu <itp> (bug #399756) CVE-2009-1029 (Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows ...) - TODO: check + NOT-FOR-US: POP Peeper CVE-2009-1028 (Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote ...) - TODO: check + NOT-FOR-US: ediSys eZip Wizard CVE-2009-1027 (SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers ...) - TODO: check + NOT-FOR-US: OpenCart CVE-2009-1026 (Multiple SQL injection vulnerabilities in login.php in Kim Websites ...) - TODO: check + NOT-FOR-US: Kim Websites CVE-2009-1025 (PHP remote file inclusion vulnerability in linkadmin.php in Beerwin ...) - TODO: check + NOT-FOR-US: Beerwin PHPLinkAdmin CVE-2009-1024 (Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 ...) - TODO: check + NOT-FOR-US: Beerwin PHPLinkAdmin CVE-2009-1023 (SQL injection vulnerability in index.php in phpComasy 0.9.1 allows ...) - TODO: check + NOT-FOR-US: phpComasy CVE-2009-1022 (Heap-based buffer overflow in the Preview/ Set Segment function in ...) - TODO: check + NOT-FOR-US: Gretech GOMlab GOM Encoder CVE-2009-1021 RESERVED CVE-2009-1020 
@@ -137,49 +137,49 @@ CVE-2009-0972 RESERVED CVE-2008-6503 (Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2008-6502 (Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows ...) - TODO: check + NOT-FOR-US: Pro Chat Rooms CVE-2008-6501 (Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro ...) - TODO: check + NOT-FOR-US: Pro Chat Rooms CVE-2008-6500 (Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart ...) - TODO: check + NOT-FOR-US: CodeToad ASP Shopping Cart Script CVE-2008-6499 (security/xamppsecurity.php in XAMPP 1.6.8 performs an extract ...) - TODO: check + NOT-FOR-US: XAMPP CVE-2008-6498 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: XAMPP CVE-2008-6497 (The Neostrada Livebox ADSL Router allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Neostrada Livebox ADSL Router CVE-2008-6496 (Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX ...) - TODO: check + NOT-FOR-US: VSPDFEditorX.ocx CVE-2008-6495 (Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger ...) - TODO: check + NOT-FOR-US: Fritz Berger yet another php photo album - next generation CVE-2008-6494 (ASP User Engine.NET stores sensitive information under the web root ...) - TODO: check + NOT-FOR-US: ASP User Engine.NET CVE-2008-6493 (Easy Content Management Publishing stores sensitive information under ...) - TODO: check + NOT-FOR-US: Easy Content Management Publishing CVE-2008-6492 (Unrestricted file upload vulnerability in process.php in Tizag ...) - TODO: check + NOT-FOR-US: Tizag Countdown Creator CVE-2009-0971 (Cross-site scripting (XSS) vulnerability in futomi''s CGI Cafe Access ...) - TODO: check + NOT-FOR-US: futomi''s CGI Cafe Access Analyzer CGI Standard Version CVE-2009-0970 (PHP remote file inclusion vulnerability in includes/class_image.php in ...) 
- TODO: check + NOT-FOR-US: PHP Pro Bid CVE-2009-0969 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: phpFoX CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 ...) - TODO: check + NOT-FOR-US: fMoblog plugin for WordPress CVE-2009-0967 (The FTP server in Serv-U 7.4.0.1 allows remote authenticated users to ...) - TODO: check + NOT-FOR-US: Serv-U CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft Mega ...) NOT-FOR-US: YABSoft Mega File Hosting CVE-2009-0965 (SQL injection vulnerability in functions/browse.php in Ganesha Digital ...) - TODO: check + NOT-FOR-US: Ganesha Digital Library CVE-2009-0964 (UserView_list.php in PHPRunner 4.2, and possibly earlier, stores ...) NOT-FOR-US: PHPRunner CVE-2009-0963 (Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly ...) NOT-FOR-US: PHPRunner CVE-2009-0962 (Unspecified vulnerability in Futomi''s CGI Cafe MP Form Mail CGI ...) - TODO: check + NOT-FOR-US: Futomi''s CGI Cafe MP Form Mail CGI eCommerce CVE-2009-0961 RESERVED CVE-2009-0960 @@ -227,11 +227,11 @@ CVE-2008-6491 (PHP remote file inclusion vulnerability in connexion.php in PHPGKit ...) NOT-FOR-US: PHPGKit CVE-2008-6490 (function/update_xml.php in FLABER 1.1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: FLABER CVE-2008-6489 (SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for ...) NOT-FOR-US: MyAlbum component (com_myalbum) for Joomla! CVE-2008-6488 (SQL injection vulnerability in index.php in SoftComplex PHP Image ...) - TODO: check + NOT-FOR-US: SoftComplex PHP Image Gallery CVE-2008-6487 (Multiple SQL injection vulnerabilities in login.asp in Digiappz ...) NOT-FOR-US: Digiappz DigiAffiliate CVE-2008-6486 (PHP remote file inclusion vulnerability in ...) 
@@ -261,7 +261,7 @@ - ejabberd <unfixed> (bug #520852) TODO: check version in old/stable CVE-2009-0933 (Cross-site scripting (XSS) vulnerability in the administrative ...) - TODO: check + NOT-FOR-US: Dotclear CVE-2009-0932 (Directory traversal vulnerability in framework/Image/Image.php in ...) TODO: check CVE-2009-0931 (Cross-site scripting (XSS) vulnerability in the tag cloud search ...) @@ -269,19 +269,19 @@ CVE-2009-0930 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...) TODO: check CVE-2009-0929 (Directory traversal vulnerability in the media manager in Nucleus CMS ...) - TODO: check + NOT-FOR-US: Nucleus CMS CVE-2009-0928 RESERVED CVE-2009-0927 (Unspecified vulnerability in Adobe Reader and Adobe Acrobat 9.1 and ...) - TODO: check + NOT-FOR-US: Adobe Reader and Adobe Acrobat CVE-2009-0926 (Unspecified vulnerability in the UFS filesystem functionality in Sun ...) - TODO: check + NOT-FOR-US: Sun OpenSolaris CVE-2009-0925 (Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, ...) - TODO: check + NOT-FOR-US: Sun Solaris CVE-2009-0924 (Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, ...) - TODO: check + NOT-FOR-US: Sun OpenSolaris CVE-2009-0923 (Unspecified vulnerability in Kerberos Incremental Propagation in ...) - TODO: check + NOT-FOR-US: Solaris CVE-2009-0922 (PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows ...) TODO: check CVE-2008-6481 (SQL injection vulnerability in the Versioning component ...)
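Review bot: in the hunk at @@ -137,49 +137,49 @@ the two new futomi notes disagree with each other and carry a doubled apostrophe. CVE-2009-0971 gets "NOT-FOR-US: futomi''s CGI Cafe Access Analyzer CGI Standard Version" and CVE-2009-0962 gets "NOT-FOR-US: Futomi''s CGI Cafe MP Form Mail CGI eCommerce". The '' looks like an escaping artifact copied from the description line, and the vendor name is capitalised two different ways. Suggest one spelling with a single apostrophe in both notes, so a search for the vendor name finds both entries. In the same hunk, CVE-2008-6496 is tagged with a file name ("VSPDFEditorX.ocx") while every other note names the product, and the description visible here calls it the VSPDFEditorX.VSPDFEdit ActiveX control. Using the product name there would keep the NOT-FOR-US list consistent.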
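Review bot: in the last hunk (@@ -269,19 +269,19 @@) CVE-2009-0923 is tagged "NOT-FOR-US: Solaris", while CVE-2009-0925 two entries above uses "Sun Solaris" and CVE-2009-0926 and CVE-2009-0924 use "Sun OpenSolaris". Suggest "NOT-FOR-US: Sun Solaris" for CVE-2009-0923 so the same product is not recorded under two names. The context lines of this hunk also leave CVE-2009-0930 (Horde IMP) and CVE-2009-0922 (PostgreSQL) at "TODO: check". Those descriptions name specific software, so they need a package lookup and a package line in a follow-up commit rather than a bulk tag.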