[Secure-testing-commits] r10170 - data/CVE

Sun, 26 Oct 2008 15:56:35 -0700 

Author: fw
Date: 2008-10-26 22:56:29 +0000 (Sun, 26 Oct 2008)
New Revision: 10170

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-4639: jhead

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2008-10-26 21:14:14 UTC (rev 10169)
+++ data/CVE/list       2008-10-26 22:56:29 UTC (rev 10170)
@@ -159,7 +159,7 @@
 CVE-2008-4665 (SQL injection vulnerability in PG Matchmaking allows remote 
attackers ...)
        TODO: check
 CVE-2008-4664 (Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX 
control ...)
-       TODO: check
+       NOT-FOR-US: QvodInsert
 CVE-2008-4663 (Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, 
as used ...)
        TODO: check
 CVE-2008-4662 (Directory traversal vulnerability in admin.php in LokiCMS 
0.3.4, when ...)
@@ -187,11 +187,11 @@
 CVE-2008-4650 (SQL injection vulnerability in viewevent.php in myEvent 1.6 
allows ...)
        TODO: check
 CVE-2008-4649 (Session fixation vulnerability in Elxis CMS 2008.1 revision 
2204 ...)
-       TODO: check
+       NOT-FOR-US: Elxis
 CVE-2008-4648 (Cross-site scripting (XSS) vulnerability in index.php in Elxis 
CMS ...)
-       TODO: check
+       NOT-FOR-US: Elxis
 CVE-2008-4647 (SQL injection vulnerability in index.php in sweetCMS 1.5.2 
allows ...)
-       TODO: check
+       NOT-FOR-US: sweetCMS
 CVE-2008-4646 (The Websense Reporter Module in Websense Enterprise 6.3.2 
stores the ...)
        NOT-FOR-US: Websense Enterprise
 CVE-2008-4645 (plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and 
earlier ...)
@@ -207,7 +207,7 @@
 CVE-2008-4640 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 
and ...)
        TODO: check
 CVE-2008-4639 (jhead.c in Matthias Wandel jhead before 2.84 allows local users 
to ...)
-       TODO: check
+       - jhead 2.84-1 (low)
 CVE-2008-4638 (qioadmin in the Quick I/O for Database feature in Symantec 
Veritas ...)
        NOT-FOR-US: Symantec VxFS
 CVE-2008-4637 (Cross-site scripting (XSS) vulnerability in cpCommerce before 
1.2.4 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to