white at alioth.debian.org
2009-Jan-23 02:49 UTC
[Secure-testing-commits] r11023 - data/CVE
Author: white Date: 2009-01-23 02:49:57 +0000 (Fri, 23 Jan 2009) New Revision: 11023 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-22 21:14:12 UTC (rev 11022) +++ data/CVE/list 2009-01-23 02:49:57 UTC (rev 11023) @@ -1,19 +1,19 @@ CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS ...) - TODO: check + NOT-FOR-US: Usagi Project MyNETS CVE-2009-0244 (Directory traversal vulnerability in the OBEX FTP Service in the ...) - TODO: check + NOT-FOR-US: Microsoft product CVE-2009-0243 (Microsoft Windows does not properly enforce the Autorun and ...) - TODO: check + NOT-FOR-US: Microsoft product CVE-2008-5947 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: YapBB CVE-2008-5946 (SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows ...) - TODO: check + NOT-FOR-US: PHP-Fusion CVE-2008-5945 (Nukeviet 2.0 Beta allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: Nukeviet CVE-2008-5944 (Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 ...) - TODO: check + NOT-FOR-US: NavBoard CVE-2008-5943 (Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) ...) - TODO: check + NOT-FOR-US: NavBoard CVE-2008-5942 (Multiple cross-site scripting (XSS) vulnerabilities in MODx before ...) TODO: check CVE-2008-5941 (Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and ...) @@ -21,43 +21,43 @@ CVE-2008-5940 (SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, ...) TODO: check CVE-2008-5939 (Cross-site scripting (XSS) vulnerability in index.php in MODx CMS ...) - TODO: check + NOT-FOR-US: MODx CMS CVE-2008-5938 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: MODx CMS CVE-2008-5937 (AyeView 2.20 allows user-assisted attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: AyeView CVE-2008-5936 (front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: mini-pub CVE-2008-5935 (Facto stores sensitive information under the web root with ...) TODO: check CVE-2008-5934 (SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows ...) - TODO: check + NOT-FOR-US: CMS ISWEB CVE-2008-5933 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: CMS ISWEB CVE-2008-5932 (CodeAvalanche FreeForum stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: CodeAvalanche FreeForum CVE-2008-5931 (The Net Guys ASPired2Blog stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: ASPired2Blog CVE-2008-5930 (SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ...) - TODO: check + NOT-FOR-US: ASPired2Blog CVE-2008-5929 (VP-ASP Shopping Cart 6.50 stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: VP-ASP Shopping Cart CVE-2008-5928 (SQL injection vulnerability in redir.php in Free Links Directory ...) - TODO: check + NOT-FOR-US: Free Links Directory Script CVE-2008-5927 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...) - TODO: check + NOT-FOR-US: FlexPHPNews CVE-2008-5926 (Multiple SQL injection vulnerabilities in login.asp in ASP-DEv ...) - TODO: check + NOT-FOR-US: ASP-DEv CVE-2008-5925 (ASP-DEv XM Events Diary stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: ASP-DEv CVE-2008-5924 (SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events ...) - TODO: check + NOT-FOR-US: ASP-DEv CVE-2008-5923 (SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary ...) - TODO: check + NOT-FOR-US: ASP-DEv CVE-2008-5922 (Multiple PHP remote file inclusion vulnerabilities in ...) - TODO: check + NOT-FOR-US: Cant Find A Gaming CMS CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal ...) - TODO: check + NOT-FOR-US: Umer Inc Songs Portal CVE-2009-XXXX [multiple security issues in typo3-src] - typo3-src 4.2.4-1 (medium) NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/ @@ -192,15 +192,15 @@ CVE-2009-0179 (libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other ...) TODO: check CVE-2009-0178 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 ...) - TODO: check + NOT-FOR-US: IBM Hardware Management Console CVE-2009-0177 (vmwarebase.dll, as used in the vmware-authd service (aka ...) NOT-FOR-US: vmware-authd CVE-2009-0176 (Multiple heap-based buffer overflows in the PDF distiller in the ...) NOT-FOR-US: Attachment Service in Research in Motion CVE-2009-0175 (Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 ...) - TODO: check + NOT-FOR-US: Heathco Software MP3 TrackMaker CVE-2009-0174 (Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers ...) - TODO: check + NOT-FOR-US: VUPlayer CVE-2008-5920 (The create_anchors function in utils.inc in WebSVN 1.x allows remote ...) - websvn <not-affected> [etch] - websvn 1.61-21 (bug #503330)