Author: nion Date: 2008-01-23 13:20:24 +0000 (Wed, 23 Jan 2008) New Revision: 8021 Modified: data/CVE/list Log: mantis bug assigned NFUs CVE-2008-0381 fixed in mahara 0.9.1-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-23 12:47:26 UTC (rev 8020) +++ data/CVE/list 2008-01-23 13:20:24 UTC (rev 8021) @@ -11,7 +11,7 @@ CVE-2008-0405 RESERVED CVE-2008-0404 (Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows ...) - - mantis <unfixed> (low; bug filed) + - mantis <unfixed> (low; bug #462245) CVE-2008-0403 (The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does ...) NOT-FOR-US: Belkin Wireless firmware CVE-2008-0402 (Unspecified vulnerability in IBM WebSphere Business Modeler Basic and ...) @@ -37,13 +37,13 @@ CVE-2008-0392 (Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition ...) NOT-FOR-US: Microsoft Visual Basic CVE-2008-0391 (inc/elementz.php in aliTalk 1.9.1.1 does not properly verify ...) - TODO: check + NOT-FOR-US: aliTalk CVE-2008-0390 (stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows ...) - TODO: check + NOT-FOR-US: AuraCMS CVE-2008-0389 (Unspecified vulnerability in the serveServletsByClassnameEnabled ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2008-0388 (SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress ...) - TODO: check + NOT-FOR-US: WP-Forum plugin for WordPress CVE-2008-0387 RESERVED CVE-2008-0386 @@ -51,69 +51,69 @@ CVE-2008-0385 RESERVED CVE-2008-0384 (OpenBSD 4.2 allows local users to cause a denial of service (kernel ...) - TODO: check + NOT-FOR-US: OpenBSD CVE-2008-0383 (Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier ...) - TODO: check + NOT-FOR-US: MyBB CVE-2008-0382 (Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier ...) - TODO: check + NOT-FOR-US: MyBB CVE-2008-0381 (Unspecified vulnerability in Mahara before 0.9.1 has unknown impact ...) - TODO: check + - mahara 0.9.1-1 (low) CVE-2008-0380 (Buffer overflow in the Digital Data Communications RtspVaPgCtrl ...) - TODO: check + NOT-FOR-US: Digital Data Communications CVE-2008-0379 (Race condition in the Enterprise Tree ActiveX control ...) - TODO: check + NOT-FOR-US: Crystal Reports CVE-2008-0378 (Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when ...) - TODO: check + NOT-FOR-US: SocksCap CVE-2008-0377 (MicroNews allows remote attackers to bypass authentication and gain ...) - TODO: check + NOT-FOR-US: MicroNews CVE-2008-0376 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small ...) - TODO: check + NOT-FOR-US: Small Axe Weblog CVE-2008-0375 (Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU ...) - TODO: check + NOT-FOR-US: OKI C5510MFP Printer firmware CVE-2008-0374 (OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web ...) - TODO: check + NOT-FOR-US: OKI C5510MFP Printer firmware CVE-2008-0373 (Unrestricted file upload vulnerability in PHP F1 Max''s File Uploader ...) - TODO: check + NOT-FOR-US: PHP F1 Max''s File Uploader CVE-2008-0372 (8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, ...) - TODO: check + NOT-FOR-US: 8e6 R3000 Internet Filter CVE-2008-0371 (Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when ...) - TODO: check + NOT-FOR-US: aliTalk CVE-2008-0370 (Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel ...) - TODO: check + NOT-FOR-US: cPanel CVE-2008-0369 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2008-0368 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2008-0367 (Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when ...) - TODO: check + - iceweasel <unfixed> (low) CVE-2008-0366 (CORE FORCE before 0.95.172 does not properly validate arguments to ...) - TODO: check + NOT-FOR-US: CORE FORCE CVE-2008-0365 (Multiple buffer overflows in CORE FORCE before 0.95.172 allow local ...) - TODO: check + NOT-FOR-US: CORE FORCE CVE-2008-0364 (Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent ...) - TODO: check + NOT-FOR-US: BitTorrent/uTorrent CVE-2008-0363 (Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier ...) - TODO: check + NOT-FOR-US: Clever Copy CVE-2008-0362 (Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy ...) - TODO: check + NOT-FOR-US: Clever Copy CVE-2008-0361 (Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 ...) - TODO: check + NOT-FOR-US: GradMan CVE-2008-0360 (Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote ...) - TODO: check + NOT-FOR-US: BLOG:CMS CVE-2008-0359 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b ...) - TODO: check + NOT-FOR-US: BLOG:CMS CVE-2008-0358 (SQL injection vulnerability in index.php in Pixelpost 1.7 allows ...) - TODO: check + NOT-FOR-US: Pixelpost CVE-2008-0357 (Directory traversal vulnerability in pages/upload.php in Galaxyscripts ...) - TODO: check + NOT-FOR-US: Galaxyscripts CVE-2008-0356 (Buffer overflow in the Independent Management Architecture (IMA) ...) - TODO: check + NOT-FOR-US: Citrix Presentation Server CVE-2008-0355 (SQL injection vulnerability in index.php in the forum module in ...) - TODO: check + NOT-FOR-US: PHPEcho CMS CVE-2008-0354 (Cross-site scripting (XSS) vulnerability in the chat client in IBM ...) - TODO: check + NOT-FOR-US: IBM Lotus Sametime CVE-2008-0353 (SQL injection vulnerability in visualizza_tabelle.php in php-residence ...) - TODO: check + NOT-FOR-US: php-residence CVE-2008-XXXX [firebird DoS] - firebird2.0 2.0.3.12981.ds1-4 (bug #460048) - firebird2 <removed>