[Secure-testing-commits] r10020 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Tue Oct 7 10:19:15 UTC 2008 

Author: white
Date: 2008-10-07 10:19:13 +0000 (Tue, 07 Oct 2008)
New Revision: 10020

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-07 09:14:11 UTC (rev 10019)
+++ data/CVE/list	2008-10-07 10:19:13 UTC (rev 10020)
@@ -1,53 +1,53 @@
 CVE-2008-4470 (Stack-based buffer overflow in Numark CUE 5.0 rev2 allows ...)
-	TODO: check
+	NOT-FOR-US: Numark
 CVE-2008-4469 (SQL injection vulnerability in view_cresume.php in Vastal I-Tech ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4468 (SQL injection vulnerability in view_news.php in Vastal I-Tech Share ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4467 (SQL injection vulnerability in show_series_ink.php in Vastal I-Tech ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4466 (SQL injection vulnerability in view_products_cat.php in Vastal I-Tech ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4465 (SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4464 (SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4463 (SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4462 (SQL injection vulnerability in view_news.php in Vastal I-Tech Visa ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4461 (SQL injection vulnerability in advanced_search_results.php in Vastal ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4460 (SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2008-4459 (SQL injection vulnerability in pick_users.php in the groups module in ...)
-	TODO: check
+	NOT-FOR-US: eXtrovert Thyme
 CVE-2008-4458 (SQL injection vulnerability in listings.php in E-Php B2B Trading ...)
-	TODO: check
+	NOT-FOR-US: E-Php B2B Trading Marketplace Script
 CVE-2008-4457 (SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal ...)
-	TODO: check
+	NOT-FOR-US: MemHT Portal
 CVE-2008-4456 (Cross-site scripting (XSS) vulnerability in the command-line client in ...)
 	TODO: check
 CVE-2008-4455 (Directory traversal vulnerability in index.php in EKINdesigns MySQL ...)
-	TODO: check
+	NOT-FOR-US: EKINdesigns MySQL Quick Admin
 CVE-2008-4454 (Directory traversal vulnerability in EKINdesigns MySQL Quick Admin ...)
-	TODO: check
+	NOT-FOR-US: EKINdesigns MySQL Quick Admin
 CVE-2008-4453 (The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control
 CVE-2008-4452 (Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Cambridge Computer Corporation vxFtpSrv
 CVE-2008-4451 (The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET ...)
-	TODO: check
+	NOT-FOR-US: ESET System Analyzer Tool
 CVE-2008-4450 (Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for ...)
-	TODO: check
+	NOT-FOR-US: XAMPP
 CVE-2008-4449 (Stack-based buffer overflow in mIRC 6.34 allows remote attackers to ...)
 	TODO: check
 CVE-2008-4448 (Cross-site request forgery (CSRF) vulnerability in actions.php in ...)
-	TODO: check
+	NOT-FOR-US:  Positive Software H-Sphere WebShell
 CVE-2008-4447 (Cross-site scripting (XSS) vulnerability in actions.php in Positive ...)
-	TODO: check
+	NOT-FOR-US:  Positive Software H-Sphere WebShell
 CVE-2008-4446 (Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 ...)
-	TODO: check
+	NOT-FOR-US: Nucleus EUC-JP 
 CVE-2008-4445 (The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream ...)
 	TODO: check
 CVE-2008-4444
@@ -59,39 +59,39 @@
 CVE-2008-4441
 	RESERVED
 CVE-2008-4439 (PHP remote file inclusion vulnerability in admin/bin/patch.php in ...)
-	TODO: check
+	NOT-FOR-US: MartinWood Datafeed Studio
 CVE-2008-4438 (Cross-site scripting (XSS) vulnerability in search.php in Datafeed ...)
-	TODO: check
+	NOT-FOR-US: Datafeed Studio
 CVE-2008-4437 (Directory traversal vulnerability in importxml.pl in Bugzilla before ...)
 	TODO: check
 CVE-2008-4436 (SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog ...)
-	TODO: check
+	NOT-FOR-US: bBlog
 CVE-2008-4435 (Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT ...)
-	TODO: check
+	NOT-FOR-US:  RMSOFT Downloads Plus 
 CVE-2008-4434 (Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and ...)
 	TODO: check
 CVE-2008-4433 (SQL injection vulnerability in search.php in the RMSOFT MiniShop ...)
-	TODO: check
+	NOT-FOR-US: RMSOFT MiniShop (xoops)
 CVE-2008-4432 (Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT ...)
-	TODO: check
+	NOT-FOR-US: RMSOFT MiniShop (xoops)
 CVE-2008-4431 (SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and ...)
-	TODO: check
+	NOT-FOR-US: IceBB
 CVE-2008-4430 (The MagnatuneBrowser::listDownloadComplete function in ...)
 	TODO: check
 CVE-2008-4429 (Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 ...)
-	TODO: check
+	NOT-FOR-US: SOURCENEXT Virus Security ZERO
 CVE-2008-4428 (Unrestricted file upload vulnerability in upload.php in Phlatline's ...)
-	TODO: check
+	NOT-FOR-US: Phlatline's Personal Information Manager
 CVE-2008-4427 (changepassword.php in Phlatline's Personal Information Manager (pPIM) ...)
-	TODO: check
+	NOT-FOR-US: Phlatline's Personal Information Manager
 CVE-2008-4426 (Cross-site scripting (XSS) vulnerability in events.php in Phlatline's ...)
-	TODO: check
+	NOT-FOR-US: Phlatline's Personal Information Manager
 CVE-2008-4425 (Directory traversal vulnerability in upload.php in Phlatline's ...)
-	TODO: check
+	NOT-FOR-US: Phlatline's Personal Information Manager
 CVE-2008-4424 (Cross-site scripting (XSS) vulnerability in index.php in Domain Group ...)
-	TODO: check
+	NOT-FOR-US: Domain Group Network GooCMS
 CVE-2008-4423 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Ovidentia
 CVE-2008-4422
 	RESERVED
 CVE-2008-4421
@@ -127,9 +127,9 @@
 CVE-2008-4404 (The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM ...)
 	TODO: check
 CVE-2008-4403 (The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-4402 (Multiple buffer overflows in CGI modules in the server in Trend Micro ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-4408 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, ...)
 	- mediawiki <unfixed> (low; bug #501115)
 CVE-2008-XXXX [ibackup: insecure temp files]

More information about the Secure-testing-commits mailing list