Author: jmm-guest Date: 2009-12-26 11:28:51 +0000 (Sat, 26 Dec 2009) New Revision: 13653 Modified: data/CVE/list Log: phpgroupware CVEfied, ticket already exists Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-26 11:26:51 UTC (rev 13652) +++ data/CVE/list 2009-12-26 11:28:51 UTC (rev 13653) @@ -15,14 +15,11 @@ NOTE: is actually piwik TODO: discuss it on oss-sec CVE-2009-4416 (Cross-site scripting (XSS) vulnerability in login.php in phpGroupWare ...) - - phpgroupware <unfixed> - TODO: check + - phpgroupware 1:0.9.16.012+dfsg-9 CVE-2009-4415 (Multiple directory traversal vulnerabilities in phpGroupWare ...) - - phpgroupware <unfixed> - TODO: check + - phpgroupware 1:0.9.16.012+dfsg-9 CVE-2009-4414 (SQL injection vulnerability in phpgwapi /inc/class.auth_sql.inc.php in ...) - - phpgroupware <unfixed> - TODO: check + - phpgroupware 1:0.9.16.012+dfsg-9 CVE-2009-4412 (Unrestricted file upload vulnerability in Serendipity before 1.5 ...) - serendipity <unfixed> TODO: check @@ -2559,10 +2556,6 @@ - jetty <unfixed> (unimportant) NOTE: http://www.coresecurity.com/content/jetty-persistent-xss NOTE: only an example application -CVE-2009-XXXX [phpgroupware XSS] - - phpgroupware 1:0.9.16.012+dfsg-9 -CVE-2009-XXXX [phpgroupware unspecified addressbook issue] - - phpgroupware 1:0.9.16.012+dfsg-9 CVE-2009-3566 (McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 ...) NOT-FOR-US: McAfee IntruShield Network Security Manager CVE-2009-3565 (Multiple cross-site scripting (XSS) vulnerabilities in ...)