thr3ads.net - Secure testing commits - [Secure-testing-commits] r17949

If this information is useful, please help other people find it:
Share via:

Florian Weimer

2011-Dec-31 16:59 UTC

[Secure-testing-commits] r17949 - data/CVE

Author: fw
Date: 2011-12-31 16:59:28 +0000 (Sat, 31 Dec 2011)
New Revision: 17949

Modified:
   data/CVE/list
Log:
CVE-2011-5036: ruby-rack
CVE-2011-5027: zabbix
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-12-31 16:52:21 UTC (rev 17948)
+++ data/CVE/list	2011-12-31 16:59:28 UTC (rev 17949)
@@ -7,7 +7,7 @@
 CVE-2011-5037 (Google V8 computes hash values for form parameters without
restricting ...)
 	- libv8 <unfixed>
 CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6
computes ...)
-	TODO: check
+	- ruby-rack <unfixed>
 CVE-2011-5035 (Oracle Glassfish 3.1.1 and earlier computes hash values for form
...)
 	- glassfish <unfixed>
 CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form
...)
@@ -15,21 +15,21 @@
 	NOTE: It''s not clear if this issue is in Geronimo itself,
 	NOTE: or in the servlet container it uses.
 CVE-2011-5033 (Stack-based buffer overflow in CFS.c in ConfigServer Security
&amp; ...)
-	TODO: check
+	NOT-FOR-US: ConfigServer Security & Firewall
 CVE-2011-5032 (WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users
to ...)
-	TODO: check
+	NOT-FOR-US: WinMount
 CVE-2011-5031 (Multiple SQL injection vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: cApexWEB
 CVE-2011-5030 (Cross-site scripting (XSS) vulnerability in the Meta tags quick
module ...)
-	TODO: check
+	NOT-FOR-US: Meta tags quick module for Drupal
 CVE-2011-5029 (Multiple cross-site scripting (XSS) vulnerabilities in Simple
PHP Blog ...)
-	TODO: check
+	NOT-FOR-US: Sumple PHP Blog
 CVE-2011-5028 (Directory traversal vulnerability in
novelllogmanager/FileDownload in ...)
-	TODO: check
+	NOT-FOR-US: Novell Sentinel Log Manager
 CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10
...)
-	TODO: check
+	- zabbix <unfixed>
 CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in Winn GuestBook
before ...)
-	TODO: check
+	NOT-FOR-US: Winn Guestbook
 CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki
...)
 	TODO: check
 CVE-2011-5024 (Cross-site scripting (XSS) vulnerability in mmsearch/design in
the ...)

Secure testing commits - Dec 2011 - r17949 - data/CVE

[Secure-testing-commits] r17949 - data/CVE