diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-03 21:35:00 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-03 21:35:00 +0100 |
commit | b4d8cc46a8c63a0db2b033fc09fd36c269c62f70 (patch) | |
tree | 44f7ae9da77d3ed68d1897e1a3eaa010756fff27 | |
parent | f63edb09032dd19937dedf3feb08f16001f7d82c (diff) |
Associate several oder NFUs for phplist with the respective itp bug
-rw-r--r-- | data/CVE/2005.list | 10 | ||||
-rw-r--r-- | data/CVE/2006.list | 10 | ||||
-rw-r--r-- | data/CVE/2008.list | 2 | ||||
-rw-r--r-- | data/CVE/2009.list | 2 | ||||
-rw-r--r-- | data/CVE/2011.list | 4 | ||||
-rw-r--r-- | data/CVE/2012.list | 14 |
6 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list index db3010a72a..e76382d7e9 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -3025,11 +3025,11 @@ CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 CVE-2005-3558 (PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remot ...) NOT-FOR-US: OSTE CVE-2005-3557 (Directory traversal vulnerability in admin/defaults.php in PHPlist 2.1 ...) - NOT-FOR-US: PHPList + - phplist <itp> (bug #612288) CVE-2005-3556 (Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 ...) - NOT-FOR-US: PHPList + - phplist <itp> (bug #612288) CVE-2005-3555 (Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier a ...) - NOT-FOR-US: PHPList + - phplist <itp> (bug #612288) CVE-2005-3554 (Multiple eval injection vulnerabilities in the help function in PHPKIT ...) NOT-FOR-US: PHPKIT CVE-2005-3553 (Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 ...) @@ -5914,9 +5914,9 @@ CVE-2005-2435 (Cross-site scripting (XSS) vulnerability in browse.php in Website CVE-2005-2434 (Linksys WRT54G router uses the same private key and certificate for ev ...) NOT-FOR-US: Linksys hardware CVE-2005-2433 (PhpList allows remote attackers to obtain sensitive information via a ...) - NOT-FOR-US: PhpList + - phplist <itp> (bug #612288) CVE-2005-2432 (SQL injection vulnerability in PhpList allows remote attackers to modi ...) - NOT-FOR-US: PhpList + - phplist <itp> (bug #612288) CVE-2005-2431 (The (1) lost password and (2) account pending features in GForge 4.5 d ...) - gforge 4.5.14-2 (bug #328224; unimportant) NOTE: Direct flooding is possible as well in most circumstances. diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 4f4710966f..cef1eacf1a 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -3862,7 +3862,7 @@ CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and ...) NOT-FOR-US: PHP-Nuke CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10. ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0 ...) NOT-FOR-US: EZ-Ticket CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt ...) @@ -4325,9 +4325,9 @@ CVE-2006-5324 (The Web Services Notification (WSN) security component of IBM Web CVE-2006-5323 (Unspecified vulnerability in IBM WebSphere Application Server before 6 ...) NOT-FOR-US: IBM WebSphere CVE-2006-5322 (Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2006-5321 (Multiple cross-site scripting (XSS) vulnerabilities in phplist before ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2006-5320 (Directory traversal vulnerability in getimg.php in Album Photo Sans No ...) NOT-FOR-US: Album Photo Sans Nom CVE-2006-5319 (Directory traversal vulnerability in redir.php in Foafgen 0.3 allows r ...) @@ -4381,7 +4381,7 @@ CVE-2006-5297 (Race condition in the safe_open function in the Mutt mail client CVE-2006-5296 (PowerPoint in Microsoft Office 2003 does not properly handle a contain ...) NOT-FOR-US: Microsoft CVE-2006-5294 (Cross-site scripting (XSS) vulnerability in index.php in phplist befor ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2006-5293 (Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcin ...) NOT-FOR-US: PhpOutsourcing Noah's Classifieds CVE-2006-5292 (PHP remote file inclusion vulnerability in photo_comment.php in Exhibi ...) @@ -12417,7 +12417,7 @@ CVE-2006-1748 (Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allow CVE-2006-1747 (PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 al ...) NOT-FOR-US: Virtual War CVE-2006-1746 (Directory traversal vulnerability in PHPList 2.10.2 and earlier allows ...) - NOT-FOR-US: PHPList + - phplist <itp> (bug #612288) CVE-2006-1745 (Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 ...) NOT-FOR-US: Bitweaver CVE-2006-1743 (Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow ...) diff --git a/data/CVE/2008.list b/data/CVE/2008.list index 72df031c20..d0b9017dcc 100644 --- a/data/CVE/2008.list +++ b/data/CVE/2008.list @@ -3075,7 +3075,7 @@ CVE-2008-5889 (Cross-site scripting (XSS) vulnerability in user.asp in Click& CVE-2008-5888 (Multiple SQL injection vulnerabilities in Click&Rank allow remote ...) NOT-FOR-US: Click&Rank CVE-2008-5887 (phplist before 2.10.8 allows remote attackers to include files via unk ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2008-5886 (TAKempis Discussion Web 4.0 stores sensitive information under the web ...) NOT-FOR-US: TAKempis Discussion Web CVE-2008-5885 (The Net Guys ASPired2Quote stores sensitive information under the web ...) diff --git a/data/CVE/2009.list b/data/CVE/2009.list index 3bbf15c711..e4f275c961 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -12548,7 +12548,7 @@ CVE-2009-0424 (Cross-site scripting (XSS) vulnerability in sign1.php in AN Guest CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo Album (PHP ...) NOT-FOR-US: Php Photo Album CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in phpLis ...) - NOT-FOR-US: phpList + - phplist <itp> (bug #612288) CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing) 1.6.x compo ...) NOT-FOR-US: Joomla! CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable ...) diff --git a/data/CVE/2011.list b/data/CVE/2011.list index 6fb69e7bcc..f3ca78c2c7 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -9593,7 +9593,7 @@ CVE-2011-1685 (Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc throu CVE-2011-1683 (IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x b ...) NOT-FOR-US: IBM WebSphere Application Server CVE-2011-1682 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...) - NOT-FOR-US: phpList + - phplist <itp> (bug #612288) CVE-2011-1684 (Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4. ...) {DSA-2218-1} - vlc 1.1.8-3 (medium) @@ -12215,7 +12215,7 @@ CVE-2011-0750 CVE-2011-0749 RESERVED CVE-2011-0748 (Multiple cross-site request forgery (CSRF) vulnerabilities in phpList ...) - NOT-FOR-US: phpList + - phplist <itp> (bug #612288) CVE-2011-0747 RESERVED CVE-2011-0746 (Cross-site request forgery (CSRF) vulnerability in Forms/PortForwardin ...) diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 7c06510ba3..46e58a1527 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -3745,7 +3745,7 @@ CVE-2012-5230 (Unspecified vulnerability in the JE Story Submit (com_jesubmit) c CVE-2012-5229 (Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the ...) NOT-FOR-US: WP Gallery2 CVE-2012-5228 (Cross-site scripting (XSS) vulnerability in admin/index.php in phplist ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-5227 (SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2. ...) NOT-FOR-US: Peel Shopping CVE-2012-5226 (Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2 ...) @@ -6067,9 +6067,9 @@ CVE-2012-4249 (The Amazon Lab126 com.lab126.system sendEvent implementation on t CVE-2012-4248 (The Amazon Kindle Touch before 5.1.2 does not properly restrict access ...) NOT-FOR-US: Kindle Touch CVE-2012-4247 (Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/ind ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-4246 (Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/ind ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-4245 (The scriptfu network server in GIMP 2.6 does not require authenticatio ...) - gimp <unfixed> (unimportant) NOTE: The interface isn't designed or advertised to be secure, this is hardly a security issue in practice @@ -6941,9 +6941,9 @@ CVE-2012-3954 (Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 - isc-dhcp 4.2.4-2 (bug #686174) [wheezy] - isc-dhcp 4.2.2.dfsg.1-5+deb70u1 CVE-2012-3953 (SQL injection vulnerability in admin/index.php in phpList before 2.10. ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-3952 (Cross-site scripting (XSS) vulnerability in admin/index.php in phpList ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-3951 (The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutini ...) NOT-FOR-US: Plixer Scrutinizer CVE-2012-3950 (The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 throug ...) @@ -9892,9 +9892,9 @@ CVE-2012-2742 (Revelation 0.4.13-2 and earlier uses only the first 32 characters [squeeze] - revelation <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2012/06/18/1 CVE-2012-2741 (Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ i ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-2740 (SQL injection vulnerability in public_html/lists/admin in phpList befo ...) - NOT-FOR-US: phplist + - phplist <itp> (bug #612288) CVE-2012-2739 (Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 an ...) - openjdk-6 <removed> (unimportant) - openjdk-7 <removed> (unimportant) |