thr3ads.net - Secure testing commits - [Secure-testing-commits] r9120

If this information is useful, please help other people find it:
Share via:
nion at alioth.debian.org
2008-Jun-22 13:04 UTC
[Secure-testing-commits] r9120 - data/CVE

Author: nion
Date: 2008-06-22 13:04:34 +0000 (Sun, 22 Jun 2008)
New Revision: 9120

Modified:
   data/CVE/list
Log:
NFUs
new horde/kronolith issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-06-22 09:14:36 UTC (rev 9119)
+++ data/CVE/list	2008-06-22 13:04:34 UTC (rev 9120)
@@ -10,71 +10,74 @@
 CVE-2008-2785 (Unspecified vulnerability in Firefox 3.0 and 2.0.x has unknown
impact ...)
 	TODO: check
 CVE-2008-2784 (The smtp_filter function in spamdyke before 3.1.8 does not
filter RCPT ...)
-	TODO: check
+	NOT-FOR-US: spamdyke
 CVE-2008-2783 (Multiple cross-site scripting (XSS) vulnerabilities in Horde
...)
-	TODO: check
+	- kronolith2 <unfixed>
+	- horde3 <unfixed>
+	NOTE: marked as unfixed for now
+	NOTE: poked maintainer, for details
 CVE-2008-2782 (Multiple directory traversal vulnerabilities in OtomiGenX 2.2
allow ...)
-	TODO: check
+	NOT-FOR-US: OtomiGenX
 CVE-2008-2781 (SQL injection vulnerability in index.php in DZOIC Handshakes 3.5
...)
-	TODO: check
+	NOT-FOR-US: DZOIC Handshakes
 CVE-2008-2780 (The Anubis (aka Anubis+Ripe160) plugin before 1.3 for encrypt
stores ...)
-	TODO: check
+	NOT-FOR-US: Anubis
 CVE-2008-2779 (Directory traversal vulnerability in GlobalSCAPE CuteFTP Home
8.2.0 ...)
-	TODO: check
+	NOT-FOR-US: GlobalSCAPE CuteFTP Home
 CVE-2008-2778 (SQL injection vulnerability in inc/class_search.php in the
Search ...)
-	TODO: check
+	NOT-FOR-US: RevokeBB
 CVE-2008-2777 (Cross-site scripting (XSS) vulnerability in Ortro before 1.3.1
allows ...)
-	TODO: check
+	NOT-FOR-US: Ortro
 CVE-2008-2776 (Cross-site scripting (XSS) vulnerability in search.asp in DT
...)
-	TODO: check
+	NOT-FOR-US: DT Centrepiece
 CVE-2008-2775 (SQL injection vulnerability in search.asp in DT Centrepiece 4.0
allows ...)
-	TODO: check
+	NOT-FOR-US: DT Centrepiece
 CVE-2008-2774 (SQL injection vulnerability in item.php in CartKeeper CKGold
Shopping ...)
-	TODO: check
+	NOT-FOR-US: CartKeeper CKGold Shopping Cart
 CVE-2008-2773 (Cross-site scripting (XSS) vulnerability in the Taxonomy Image
module ...)
-	TODO: check
+	NOT-FOR-US: Taxonomy Image module for Drupal
 CVE-2008-2772 (The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Magic Tabs module for Drupal
 CVE-2008-2771 (The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before
6.x-1.0 ...)
-	TODO: check
+	NOT-FOR-US: Node Hierarchy module for Drupal
 CVE-2008-2770 (SQL injection vulnerability in index.php in MycroCMS 0.5, when
...)
-	TODO: check
+	NOT-FOR-US: MycroCMS
 CVE-2008-2769 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: phpRaider
 CVE-2008-2768 (Cross-site scripting (XSS) vulnerability in admin/search.asp in
Xigla ...)
-	TODO: check
+	NOT-FOR-US: Xigla Poll Manager XE
 CVE-2008-2767 (SQL injection vulnerability in search.asp in Xigla Poll Manager
XE ...)
-	TODO: check
+	NOT-FOR-US: Xigla Poll Manager XE
 CVE-2008-2766 (Cross-site scripting (XSS) vulnerability in Xigla Absolute Image
...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Image Gallery XE
 CVE-2008-2765 (SQL injection vulnerability in gallery.asp in Xigla Absolute
Image ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Image Gallery XE
 CVE-2008-2764 (Cross-site scripting (XSS) vulnerability in admin/search.asp in
Xigla ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Live Support XE
 CVE-2008-2763 (SQL injection vulnerability in search.asp in Xigla Absolute Live
...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Live Support XE
 CVE-2008-2762 (SQL injection vulnerability in search.asp in Xigla Absolute Form
...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Form Processor XE
 CVE-2008-2761 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla
Absolute ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Banner Manager XE
 CVE-2008-2760 (SQL injection vulnerability in searchbanners.asp in Xigla
Absolute ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Banner Manager XE
 CVE-2008-2759 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla
Absolute ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Form Processor XE
 CVE-2008-2758 (Multiple cross-site scripting (XSS) vulnerabilities in Xigla
Absolute ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute News Manager XE
 CVE-2008-2757 (SQL injection vulnerability in search.asp in Xigla Absolute News
...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute News Manager XE
 CVE-2008-2756 (Cross-site scripting (XSS) vulnerability in admin/users.asp in
Xigla ...)
-	TODO: check
+	NOT-FOR-US: Xigla Absolute Control Panel XE
 CVE-2008-2755 (SQL injection vulnerability in index.php in JAMM CMS allows
remote ...)
-	TODO: check
+	NOT-FOR-US: JAMM CMS
 CVE-2008-2754 (SQL injection vulnerability in toplists.php in eFiction 3.0 and
3.4.3, ...)
-	TODO: check
+	NOT-FOR-US: eFiction
 CVE-2008-2753 (Multiple SQL injection vulnerabilities in Pooya Site Builder
(PSB) 6.0 ...)
-	TODO: check
+	NOT-FOR-US: Pooya Site Builder
 CVE-2008-2752 (Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not
properly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Word
 CVE-2008-2751 (Multiple cross-site scripting (XSS) vulnerabilities in the
Glassfish ...)
 	TODO: check
 CVE-2008-2750 (The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the
Linux ...)
Secure testing commits - Jun 2008 - r9120 - data/CVE

[Secure-testing-commits] r9120 - data/CVE
