Author: thijs Date: 2012-06-07 19:48:50 +0000 (Thu, 07 Jun 2012) New Revision: 19456 Modified: data/CVE/list Log: struts issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-06-07 19:43:21 UTC (rev 19455) +++ data/CVE/list 2012-06-07 19:48:50 UTC (rev 19456) @@ -5460,8 +5460,7 @@ CVE-2012-0839 (OCaml 3.12.1 and earlier computes hash values without restricting the ...) - ocaml <unfixed> (low; bug #659149) CVE-2012-0838 (Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL ...) - - libstruts1.2-java <undetermined> - NOTE: likely unaffected, because of version difference + - libstruts1.2-java <not-affected> (struts 2 issue) CVE-2012-0837 RESERVED NOT-FOR-US: Joomla! @@ -16534,9 +16533,9 @@ CVE-2011-2089 (Stack-based buffer overflow in the SetActiveXGUID method in the ...) NOT-FOR-US: ICONICS BizViz, GENESIS32 CVE-2011-2088 (XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in ...) - - libstruts1.2-java <undetermined> + - libstruts1.2-java <not-affected> (struts 2 issue) CVE-2011-2087 (Multiple cross-site scripting (XSS) vulnerabilities in component ...) - - libstruts1.2-java <undetermined> + - libstruts1.2-java <not-affected> (struts 2 issue) CVE-2011-2086 RESERVED CVE-2011-2085 (Multiple cross-site request forgery (CSRF) vulnerabilities in Best ...)