white at alioth.debian.org
2009-Mar-14 13:33 UTC
[Secure-testing-commits] r11399 - data/CVE
Author: white Date: 2009-03-14 13:33:42 +0000 (Sat, 14 Mar 2009) New Revision: 11399 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-03-14 11:50:56 UTC (rev 11398) +++ data/CVE/list 2009-03-14 13:33:42 UTC (rev 11399) @@ -73,71 +73,71 @@ CVE-2009-0836 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...) NOT-FOR-US: Foxit Reader CVE-2008-6450 (Cross-site scripting (XSS) vulnerability in Under Construction, Baby ...) - TODO: check + NOT-FOR-US: Under Construction, Baby CVE-2008-6449 (Cross-site request forgery (CSRF) vulnerability in multiple Century ...) - TODO: check + NOT-FOR-US: Century Systems routers CVE-2008-6448 (Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC ...) TODO: check CVE-2008-6447 (Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail ...) NOT-FOR-US: QuikSoft EasyMail CVE-2008-6446 (Static code injection vulnerability in the Guestbook component in CMS ...) - TODO: check + NOT-FOR-US: CMS MAXSITE CVE-2008-6445 (Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact ...) - TODO: check + NOT-FOR-US: YourPlace CVE-2008-6444 (Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might ...) NOT-FOR-US: Baidu Hi IM CVE-2008-6443 (SQL injection vulnerability in forum_duzen.php in phpKF allows remote ...) - TODO: check + NOT-FOR-US: phpKF CVE-2008-6442 (Insecure method vulnerability in Sina Inc. DLoader Class ActiveX ...) NOT-FOR-US: Sina Inc. DLoader Class ActiveX CVE-2008-6441 (Format string vulnerability in the Epic Games Unreal engine client, as ...) - TODO: check + NOT-FOR-US: Epic Games Unreal engine client CVE-2008-6440 (Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to ...) - TODO: check + NOT-FOR-US: Cerberus Helpdesk CVE-2008-6439 (Cross-site scripting (XSS) vulnerability in search_results.php in ...) - TODO: check + NOT-FOR-US: ABK-Soft AbleDating CVE-2008-6438 (SQL injection vulnerability in macgurublog_menu/macgurublog.php in the ...) - TODO: check + NOT-FOR-US: MacGuru BLOG Engine CVE-2008-6437 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum ...) - TODO: check + NOT-FOR-US: PHPFreeForum CVE-2008-6436 (Cross-site scripting (XSS) vulnerability in the Web Server in Xerox ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2008-6435 (Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 ...) - TODO: check + NOT-FOR-US: phpSQLiteCMS CVE-2008-6434 (SQL injection vulnerability in index.cfm in Blue River Interactive ...) - TODO: check + NOT-FOR-US: Blue River Interactive Group Sava CMS CVE-2008-6433 (Cross-site scripting (XSS) vulnerability in index.cfm in Blue River ...) - TODO: check + NOT-FOR-US: Blue River Interactive Group Sava CMS CVE-2008-6431 (Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 ...) - TODO: check + NOT-FOR-US: BMForum CVE-2008-6430 (SQL injection vulnerability in the MyContent (com_mycontent) component ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6429 (SQL injection vulnerability in the PrayerCenter (com_prayercenter) ...) - TODO: check + NOT-FOR-US: Joomla CVE-2008-6428 (The CGI framework in Kaya 0.4.0 allows remote attackers to inject ...) TODO: check CVE-2008-6427 (SQL injection vulnerability in index.php in Hivemaker Professional ...) - TODO: check + NOT-FOR-US: Hivemaker Professional CVE-2008-6425 (SQL injection vulnerability in news.php in ComicShout 2.8 allows ...) - TODO: check + NOT-FOR-US: ComicShout CVE-2008-6424 (Directory traversal vulnerability in FFFTP 1.96b allows remote FTP ...) - TODO: check + NOT-FOR-US: FFFTP CVE-2008-6423 (Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 ...) - TODO: check + NOT-FOR-US: PassWiki CVE-2008-6422 (Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and ...) - TODO: check + NOT-FOR-US: PsychoStats CVE-2008-6421 (PHP remote file inclusion vulnerability in social_game_play.php in ...) - TODO: check + NOT-FOR-US: Social Site Generator CVE-2008-6420 (Social Site Generator (SSG) 2.0 allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Social Site Generator CVE-2008-6419 (Multiple SQL injection vulnerabilities in Social Site Generator (SSG) ...) - TODO: check + NOT-FOR-US: Social Site Generator CVE-2008-6418 (SQL injection vulnerability in scrape.php in TorrentTrader before ...) - TODO: check + NOT-FOR-US: TorrentTrader CVE-2008-6417 (Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows ...) - TODO: check + NOT-FOR-US: GreenSQL-Console CVE-2008-6416 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: GreenSQL-Console CVE-2009-0854 (Untrusted search path vulnerability in dash 0.5.4, when used as a ...) - dash <not-affected> (Debian uses upstream''s patch to implement -l) CVE-2009-0835 (The __secure_computing function in kernel/seccomp.c in the seccomp ...)