[Secure-testing-commits] r9700 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sat Aug 30 05:49:19 UTC 2008 

Author: white
Date: 2008-08-30 05:49:18 +0000 (Sat, 30 Aug 2008)
New Revision: 9700

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-08-29 20:06:28 UTC (rev 9699)
+++ data/CVE/list	2008-08-30 05:49:18 UTC (rev 9700)
@@ -3,9 +3,9 @@
 CVE-2008-3844 (Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, ...)
 	NOT-FOR-US: Red Hat services issue
 CVE-2008-3843 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2008-3842 (Request Validation (aka the ValidateRequest filters) in ASP.NET in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET Framework
 CVE-2008-3841 (Cross-site scripting (XSS) vulnerability in admin/search_links.php in ...)
 	NOT-FOR-US: Freeway eCommerce
 CVE-2008-3840 (Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in ...)
@@ -107,67 +107,68 @@
 CVE-2008-3791
 	RESERVED
 CVE-2008-3788 (Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, ...)
-	TODO: check
+	NOT-FOR-US: PICTURESPRO Photo Cart 3.9
 CVE-2008-3787 (SQL injection vulnerability in listing_view.php in Web Directory ...)
-	TODO: check
+	NOT-FOR-US: Web Directory Script 
 CVE-2008-3786 (Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO ...)
-	TODO: check
+	NOT-FOR-US: PICTURESPRO Photo Cart 3.9
 CVE-2008-3785 (Multiple SQL injection vulnerabilities in the com_content component in ...)
-	TODO: check
+	NOT-FOR-US: MiaCMS
 CVE-2008-3784 (SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and ...)
-	TODO: check
+	NOT-FOR-US: BtiTracker
 CVE-2008-3783 (Multiple SQL injection vulnerabilities in index.php in Matterdaddy ...)
-	TODO: check
+	NOT-FOR-US: Matterdaddy Market
 CVE-2008-3782 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
-	TODO: check
+	NOT-FOR-US: ACG-PTP
 CVE-2008-3781 (Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 ...)
-	TODO: check
+	NOT-FOR-US: GMOD GBrowse
 CVE-2008-3780 (SQL injection vulnerability in recommend.php in Five Star Review ...)
-	TODO: check
+	NOT-FOR-US: Five Star Review Script 
 CVE-2008-3779 (Cross-site scripting (XSS) vulnerability in search/index.php in Five ...)
-	TODO: check
+	NOT-FOR-US: Five Star Review Script 
 CVE-2008-3778 (The remote management interface in SIP Enablement Services (SES) ...)
-	TODO: check
+	NOT-FOR-US: Avaya SIP Enablement Services
 CVE-2008-3777 (The SIP Enablement Services (SES) Server in Avaya SIP Enablement ...)
-	TODO: check
+	NOT-FOR-US: Avaya SIP Enablement Services
 CVE-2008-3776 (Directory traversal vulnerability in Fujitsu Web-Based Admin View ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu Web-Based Admin View 
 CVE-2008-3775 (Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the ...)
-	TODO: check
+	NOT-FOR-US: Folder Lock
 CVE-2008-3774 (SQL injection vulnerability in index.php in Simasy CMS allows remote ...)
-	TODO: check
+	NOT-FOR-US: Simasy CMS
 CVE-2008-3773 (Cross-site scripting (XSS) vulnerability in vBulletin 3.7.2 PL1 and ...)
-	TODO: check
+	NOT-FOR-US: vBulletin
 CVE-2008-3772 (SQL injection vulnerability in categories_portal.php in Pars4u ...)
-	TODO: check
+	NOT-FOR-US:  Pars4u Videosharing
 CVE-2008-3771 (Cross-site scripting (XSS) vulnerability in members.php in Pars4u ...)
-	TODO: check
+	NOT-FOR-US:  Pars4u Videosharing
 CVE-2008-3770 (Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, ...)
-	TODO: check
+	NOT-FOR-US: Freeway
 CVE-2008-3769 (PHP remote file inclusion vulnerability in admin/create_order_new.php ...)
-	TODO: check
+	NOT-FOR-US: Freeway
 CVE-2008-3768 (Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey ...)
-	TODO: check
+	NOT-FOR-US: Turnkey Web Tools SunShop Shopping Cart 
 CVE-2008-3767 (SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows ...)
-	TODO: check
+	NOT-FOR-US: phpBazar
 CVE-2008-3766 (Realtime Internet Band Rehearsal Low-Latency (Internet) Connection ...)
-	TODO: check
+	NOT-FOR-US: Realtime Internet Band Rehearsal Low-Latency (Internet) Connection tool (llcon)
 CVE-2008-3765 (SQL injection vulnerability in code.php in Quick Poll Script allows ...)
-	TODO: check
+	NOT-FOR-US: Quick Poll Script
 CVE-2008-3764 (Eval injection vulnerability in chat.php in Turnkey PHP Live Helper ...)
-	TODO: check
+	NOT-FOR-US: Turnkey PHP Live Helper
 CVE-2008-3763 (Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live ...)
-	TODO: check
+	NOT-FOR-US: Turnkey PHP Live Helper
 CVE-2008-3762 (SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP ...)
-	TODO: check
+	NOT-FOR-US: Turnkey PHP Live Helper
 CVE-2008-3761 (hcmon.sys in VMware Workstation 6.0.0.45731 uses the METHOD_NEITHER ...)
-	TODO: check
+	NOT-FOR-US: VMware Workstation
+	NOTE: we only share a package to build VMware
 CVE-2008-3760 (Cross-site request forgery (CSRF) vulnerability in the sign-out page ...)
-	TODO: check
+	NOT-FOR-US: Vanilla
 CVE-2008-3759 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Vanilla
 CVE-2008-3758 (Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla ...)
-	TODO: check
+	NOT-FOR-US: Vanilla
 CVE-2008-3757 (SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix ...)
 	NOT-FOR-US: YourFreeWorld
 CVE-2008-3756 (SQL injection vulnerability in tr.php in YourFreeWorld Viral Marketing ...)

More information about the Secure-testing-commits mailing list