[Secure-testing-commits] r5757 - data/CVE

Tue May 1 11:04:10 UTC 2007

Author: fw
Date: 2007-05-01 11:04:07 +0000 (Tue, 01 May 2007)
New Revision: 5757

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2007-05-01 10:18:48 UTC (rev 5756)
+++ data/CVE/list	2007-05-01 11:04:07 UTC (rev 5757)
@@ -27,17 +27,17 @@
 CVE-2007-2318 (Multiple format string vulnerabilities in FileZilla before 2.2.32 ...)
 	TODO: check
 CVE-2007-2317 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
-	TODO: check
+	NOT-FOR-US: MiniBB
 CVE-2007-2316 (Unspecified vulnerability in the admin script in Open Business ...)
 	TODO: check
 CVE-2007-2315 (MiniShare 1.5.4, and possibly earlier, allows remote attackers to ...)
 	TODO: check
 CVE-2007-2314 (Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly ...)
-	TODO: check
+	NOT-FOR-US: Crea-Book
 CVE-2007-2313 (PHP remote file inclusion vulnerability in getinfo1.php in the ...)
 	TODO: check
 CVE-2007-2312 (Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 ...)
-	TODO: check
+	NOT-FOR-US: Virtual War (VWar)
 CVE-2007-2311 (** DISPUTED ** ...)
 	TODO: check
 CVE-2007-2310 (Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php ...)
@@ -49,13 +49,13 @@
 CVE-2007-2307 (PHP remote file inclusion vulnerability in engine/engine.inc.php in ...)
 	TODO: check
 CVE-2007-2306 (Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War ...)
-	TODO: check
+	NOT-FOR-US: Virtual War (VWar)
 CVE-2007-2305 (Multiple SQL injection vulnerabilities in authenticate.php in Quick ...)
 	TODO: check
 CVE-2007-2304 (Multiple directory traversal vulnerabilities in Quick and Dirty Blog ...)
 	TODO: check
 CVE-2007-2303 (Directory traversal vulnerability in includes/footer.php in News ...)
-	TODO: check
+	NOT-FOR-US: NMDeluxe
 CVE-2007-2302 (PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 ...)
 	TODO: check
 CVE-2007-2301 (Multiple PHP remote file inclusion vulnerabilities in audioCMS arash ...)
@@ -63,15 +63,15 @@
 CVE-2007-2300 (Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto ...)
 	TODO: check
 CVE-2007-2299 (Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier ...)
-	TODO: check
+	NOT-FOR-US: CMS Frogss
 CVE-2007-2298 (Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 ...)
 	TODO: check
 CVE-2007-2297 (The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...)
 	TODO: check
 CVE-2007-2296 (Integer overflow in the FlipFileTypeAtom_BtoN function in Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-2295 (Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...)
 	TODO: check
 CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in ...)
@@ -79,25 +79,25 @@
 CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication in Mozilla ...)
 	TODO: check
 CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication in Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-2290 (Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and ...)
 	TODO: check
 CVE-2007-2289 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Download-Engine
 CVE-2007-2288 (PHP remote file inclusion vulnerability in info.php in Doruk100.net ...)
 	TODO: check
 CVE-2007-2287 (PHP remote file inclusion vulnerability in accept.php in comus 2.0 ...)
 	TODO: check
 CVE-2007-2286 (PHP remote file inclusion vulnerability in config.php in Built2Go PHP ...)
-	TODO: check
+	NOT-FOR-US: Built2Go
 CVE-2007-2285 (Directory traversal vulnerability in examples/layout/feed-proxy.php in ...)
 	TODO: check
 CVE-2007-2284 (Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote ...)
-	TODO: check
+	NOT-FOR-US: ABC-View Manager
 CVE-2007-2283 (Buffer overflow in Fresh View 7.15 allows user-assisted remote ...)
-	TODO: check
+	NOT-FOR-US: Fresh View
 CVE-2007-2282 (Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-2281
 	RESERVED
 CVE-2007-2280
@@ -105,31 +105,31 @@
 CVE-2007-2279
 	RESERVED
 CVE-2007-2278 (Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 ...)
-	TODO: check
+	NOT-FOR-US: DCP-Portal
 CVE-2007-2277 (Session fixation vulnerability in Plogger allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Plogger
 CVE-2007-2276 (3Com TippingPoint IPS allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: TippingPoint IPS
 CVE-2007-2275 (Unspecified vulnerability in HP StorageWorks Command View Advanced ...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks
 CVE-2007-2274 (The BitTorrent implementation in Opera 9.2 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2007-2273 (PHP remote file inclusion vulnerability in include/loading.php in ...)
 	TODO: check
 CVE-2007-2272 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Advanced Webhost Billing System
 CVE-2007-2271 (Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS ...)
 	TODO: check
 CVE-2007-2270 (The Linksys SPA941 VoIP Phone allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2007-2269 (Directory traversal vulnerability in top.php3 in SWsoft Plesk for ...)
-	TODO: check
+	NOT-FOR-US: Plesk
 CVE-2007-2268 (Multiple directory traversal vulnerabilities in SWsoft Plesk for ...)
-	TODO: check
+	NOT-FOR-US: Plesk
 CVE-2007-2267 (Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 ...)
-	TODO: check
+	NOT-FOR-US: Sun Cluster
 CVE-2007-2266 (Progress Webspeed Messenger allows remote attackers to read, create, ...)
-	TODO: check
+	NOT-FOR-US: Progress Webspeed Messenger
 CVE-2007-2265 (Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows ...)
 	TODO: check
 CVE-2007-2264
@@ -143,7 +143,7 @@
 CVE-2007-2262 (Multiple PHP remote file inclusion vulnerabilities in ...)
 	TODO: check
 CVE-2007-2261 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: C-Arbre
 CVE-2007-2260 (Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta ...)
 	TODO: check
 CVE-2007-2259 (SQL injection vulnerability in forum.php in EsForum 3.0 allows remote ...)
@@ -155,25 +155,25 @@
 CVE-2007-2256 (Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 ...)
 	TODO: check
 CVE-2007-2255 (Multiple PHP remote file inclusion vulnerabilities in Download-Engine ...)
-	TODO: check
+	NOT-FOR-US: Download-Engine
 CVE-2007-2254 (PHP remote file inclusion vulnerability in admin/setup/level2.php in ...)
-	TODO: check
+	NOT-FOR-US: PHP Classifieds
 CVE-2007-2253 (Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Exponent CMS
 CVE-2007-2252 (Directory traversal vulnerability in iconspopup.php in Exponent CMS ...)
-	TODO: check
+	NOT-FOR-US: Exponent CMS
 CVE-2007-2251 (Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and ...)
-	TODO: check
+	NOT-FOR-US: Xaraya
 CVE-2007-2250 (admin.php in Phorum before 5.1.22 allows remote attackers to obtain ...)
-	TODO: check
+	NOT-FOR-US: Phorum
 CVE-2007-2249 (include/controlcenter/users.php in Phorum before 5.1.22 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Phorum
 CVE-2007-2248 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in ...)
-	TODO: check
+	NOT-FOR-US: Phorum
 CVE-2007-2247 (SQL injection vulnerability in modules/news/article.php in phpMySpace ...)
 	TODO: check
 CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	TODO: check
 CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow ...)
@@ -197,11 +197,11 @@
 CVE-2007-2237
 	RESERVED
 CVE-2007-2236 (footer.php in PunBB 1.2.14 and earlier allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: PunBB
 CVE-2007-2235 (Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 ...)
-	TODO: check
+	NOT-FOR-US: PunBB
 CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly ...)
-	TODO: check
+	NOT-FOR-US: PunBB
 CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote ...)
 	NOT-FOR-US: CoSign
 CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote attackers ...)
@@ -244,9 +244,9 @@
 CVE-2007-2214 (Unrestricted file upload vulnerability in includes/upload_file.php in ...)
 	TODO: check
 CVE-2007-2213 (Unspecified vulnerability in the Initialize function in ...)
-	TODO: check
+	NOT-FOR-US: WS_FTP
 CVE-2007-2212 (Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: MyBB (aka MyBulletinBoard)
 CVE-2007-2211 (SQL injection vulnerability in calendar.php in MyBB (aka ...)
 	TODO: check
 CVE-2007-2210 (A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar ...)


