Author: jmm-guest
Date: 2010-05-19 21:24:21 +0000 (Wed, 19 May 2010)
New Revision: 14714
Modified:
data/CVE/list
Log:
- zendframework fixed
- NFUs
- record unfixed state of phpgroupware in unstable
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-05-19 21:15:38 UTC (rev 14713)
+++ data/CVE/list 2010-05-19 21:24:21 UTC (rev 14714)
@@ -13,25 +13,25 @@
CVE-2010-1951 (Multiple directory traversal vulnerabilities in 60cycleCMS allow
...)
TODO: check
CVE-2010-1950 (SQL injection vulnerability in the Online News Paper Manager
...)
- TODO: check
+ NOT-FOR-US: Online News Paper Manager
CVE-2010-1949 (SQL injection vulnerability in the Online News Paper Manager
...)
- TODO: check
+ NOT-FOR-US: Online News Paper Manager
CVE-2010-1948 (Directory traversal vulnerability in scr/soustab.php in
openMairie ...)
- TODO: check
+ NOT-FOR-US: openMairie
CVE-2010-1947 (Directory traversal vulnerability in scr/soustab.php in
openMairie ...)
- TODO: check
+ NOT-FOR-US: openMairie
CVE-2010-1946 (Multiple PHP remote file inclusion vulnerabilities in openMairie
...)
- TODO: check
+ NOT-FOR-US: openMairie
CVE-2010-1945 (Multiple PHP remote file inclusion vulnerabilities in openMairie
...)
- TODO: check
+ NOT-FOR-US: openMairie
CVE-2010-1944 (Multiple PHP remote file inclusion vulnerabilities in openMairie
...)
- TODO: check
+ NOT-FOR-US: openMairie
CVE-2010-1943 (Unspecified vulnerability in NEC CapsSuite Small Edition
PatchMeister ...)
- TODO: check
+ NOT-FOR-US: NEC CapsSuite Small Edition
CVE-2010-1942 (Unspecified vulnerability in the Servlet service in Fujitsu
Limited ...)
- TODO: check
+ NOT-FOR-US: Fujitsu Limited Interstage Application Server
CVE-2010-1941 (Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13
and ...)
- TODO: check
+ NOT-FOR-US: NEC WebSAM DeploymentManager
CVE-2010-1940 (Apple Safari 4.0.5 on Windows sends the "Authorization:
Basic" header ...)
TODO: check webkit, chromium, etc once sufficient details are revealed
CVE-2010-1939 (Use-after-free vulnerability in Apple Safari 4.0.5 on Windows
allows ...)
@@ -866,7 +866,7 @@
- xulrunner <undetermined>
TODO: check
CVE-2010-1584 (Cross-site scripting (XSS) vulnerability in the Context module
before ...)
- TODO: check
+ NOT-FOR-US: Context module for drupal
CVE-2010-1583 (SQL injection vulnerability in the loadByKey function in the
...)
NOT-FOR-US: Tirzen Framework
CVE-2010-1582
@@ -4251,10 +4251,10 @@
RESERVED
CVE-2010-0404 (Multiple SQL injection vulnerabilities in phpGroupWare (phpgw)
before ...)
{DSA-2046-1}
- TODO: check
+ - phpgroupware <unfixed>
CVE-2010-0403 (Directory traversal vulnerability in about.php in phpGroupWare
(phpgw) ...)
{DSA-2046-1}
- TODO: check
+ - phpgroupware <unfixed>
CVE-2010-0402 (OpenTTD before 1.0.1 does not properly validate index values of
...)
- openttd 1.0.1-1
[lenny] - openttd <no-dsa> (Contrib not supported)
@@ -4583,9 +4583,8 @@
- zendframework 1.9.7-1
NOTE: http://framework.zend.com/security/advisory/ZF2010-01 - ZF2010-06
CVE-2010-XXXX [ZF2010-07]
- - zendframework <undetermined>
+ - zendframework 1.10.3-1
NOTE: http://framework.zend.com/security/advisory/ZF2010-07
- TODO: check
CVE-2009-4612 (Multiple cross-site scripting (XSS) vulnerabilities in the
WebApp JSP ...)
- jetty 6.1.22-1 (bug #575789)
CVE-2009-4611 (Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without
sanitizing ...)