diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-01-10 12:06:54 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-01-10 12:06:54 +0100 |
commit | 4f1cbe13998097d54cc0714e3e87d0e9d6a74e40 (patch) | |
tree | 1cabee1de330f06ea7ac37113f66aff06f33a7ff | |
parent | cf2bc9926aa7d42c2ec438380d50e54e40937100 (diff) |
"new" thttpd issue
NFUs
-rw-r--r-- | data/CVE/2007.list | 2 | ||||
-rw-r--r-- | data/CVE/2012.list | 10 | ||||
-rw-r--r-- | data/CVE/2014.list | 6 |
3 files changed, 9 insertions, 9 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list index fb3b5cee72..ced826a602 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list @@ -15663,7 +15663,7 @@ CVE-2007-0159 (Directory traversal vulnerability in the GeoIP_update_database_ge - geoip 1.3.17-1.1 (bug #406628; low) [sarge] - geoip <no-dsa> (Minor issue) CVE-2007-0158 (thttpd 2007 has buffer underflow. ...) - TODO: check + - thttpd <removed> CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser for neo ...) - neon26 0.26.2-3.1 (medium; bug #404723) NOTE: neon25 doesn't have the uri_lookup macro diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 898395cd56..d0b058a553 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -2980,7 +2980,7 @@ CVE-2012-5560 (The default configuration in mate-settings-daemon 1.5.3 allows lo CVE-2012-5559 (Cross-site scripting (XSS) vulnerability in the page manager node view ...) NOT-FOR-US: Drupal chaos tool addon CVE-2012-5558 (Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x ...) - TODO: check + NOT-FOR-US: Drupal contributed-module CVE-2012-5557 (The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7. ...) NOT-FOR-US: Drupal contributed-module CVE-2012-5556 (Multiple cross-site request forgery (CSRF) vulnerabilities in the REST ...) @@ -13392,13 +13392,13 @@ CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard. {DSA-2423-1} - movabletype-opensource 5.1.3+dfsg-1 CVE-2012-1261 (Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusion ...) - TODO: check + NOT-FOR-US: Plixer CVE-2012-1260 (Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in P ...) - TODO: check + NOT-FOR-US: Plixer CVE-2012-1259 (Multiple SQL injection vulnerabilities in Plixer International Scrutin ...) - TODO: check + NOT-FOR-US: Plixer CVE-2012-1258 (cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & ...) - TODO: check + NOT-FOR-US: Plixer CVE-2012-1257 (Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ...) - pidgin <unfixed> (unimportant) NOTE: Negligible local information disclosure diff --git a/data/CVE/2014.list b/data/CVE/2014.list index f2a7aa819e..ede5d32c8e 100644 --- a/data/CVE/2014.list +++ b/data/CVE/2014.list @@ -1339,7 +1339,7 @@ CVE-2014-9910 (An elevation of privilege vulnerability in the Broadcom Wi-Fi dri CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...) NOT-FOR-US: Android Broadcom driver CVE-2014-9908 (A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0. ...) - TODO: check + NOT-FOR-US: Android CVE-2014-9907 (coders/dds.c in ImageMagick allows remote attackers to cause a denial ...) {DSA-3652-1 DLA-731-1} - imagemagick 8:6.9.6.2+dfsg-2 (bug #832942) @@ -8795,7 +8795,7 @@ CVE-2014-7259 (SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for CVE-2014-7258 (Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 a ...) NOT-FOR-US: KENT-WEB CLip Board CVE-2014-7257 (SQL injection vulnerability in DBD::PgPP 0.05 and earlier ...) - TODO: check + NOT-FOR-US: DBD::PgPP CVE-2014-7256 (The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Int ...) NOT-FOR-US: SEIL Routers CVE-2014-7255 (Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 throug ...) @@ -18768,7 +18768,7 @@ CVE-2014-3213 CVE-2014-3212 RESERVED CVE-2014-3211 (Publify before 8.0.1 is vulnerable to a Denial of Service attack ...) - TODO: check + NOT-FOR-US: Publify CVE-2014-3210 (SQL injection vulnerability in dopbs-backend-forms.php in the Booking ...) NOT-FOR-US: WordPress plugin Booking System CVE-2014-3208 |