Author: joeyh
Date: 2009-11-07 09:14:27 +0000 (Sat, 07 Nov 2009)
New Revision: 13229
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-11-07 08:23:15 UTC (rev 13228)
+++ data/CVE/list 2009-11-07 09:14:27 UTC (rev 13229)
@@ -4932,17 +4932,20 @@
CVE-2008-6840 (Multiple PHP remote file inclusion vulnerabilities in V-webmail
1.6.4 ...)
NOT-FOR-US: V-webmail
CVE-2009-2373 (Cross-site scripting (XSS) vulnerability in the Forum module in
Drupal ...)
+ {DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: requested CVE id
CVE-2009-2372 (Drupal 6.x before 6.13 does not prevent users from modifying
user ...)
+ {DSA-1930-1}
- drupal6 6.12-1.1 (medium; bug #535435)
- drupal5 <not-affected> (Vulnerable code not present)
NOTE: http://drupal.org/node/507572
NOTE: marked as medium as this might lead to code execution if the php filter
is enabled
NOTE: requested CVE id
CVE-2009-2374 (Drupal 5.x before 5.19 and 6.x before 6.13 does not properly
sanitize ...)
+ {DSA-1930-1}
- drupal6 6.12-1.1 (low; bug #535435)
- drupal5 5.18-1.1 (low; bug #535476)
NOTE: http://drupal.org/node/507572