[Secure-testing-commits] r9729 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Wed Sep 3 09:44:58 UTC 2008 

Author: white
Date: 2008-09-03 09:44:56 +0000 (Wed, 03 Sep 2008)
New Revision: 9729

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-09-02 21:14:29 UTC (rev 9728)
+++ data/CVE/list	2008-09-03 09:44:56 UTC (rev 9729)
@@ -1,13 +1,13 @@
 CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 ...)
-	TODO: check
+	NOT-FOR-US: Mini-NUKE Freehost
 CVE-2008-3887 (Multiple SQL injection vulnerabilities in index.php in dotProject ...)
-	TODO: check
+	NOT-FOR-US: dotProject
 CVE-2008-3886 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: dotProject
 CVE-2008-3885 (Cross-site request forgery (CSRF) vulnerability in Blogn (BURO GUN) ...)
-	TODO: check
+	NOT-FOR-US: Blogn
 CVE-2008-3884 (Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and ...)
-	TODO: check
+	NOT-FOR-US: Blogn
 CVE-2008-3883 (configvar in Caudium 1.4.12 allows local users to overwrite arbitrary ...)
 	TODO: check
 CVE-2008-3882 (ZoneMinder 1.23.3 and earlier allows remote attackers to execute ...)
@@ -17,17 +17,17 @@
 CVE-2008-3880 (SQL injection vulnerability in zm_html_view_event.php in ZoneMinder ...)
 	TODO: check
 CVE-2008-3879 (The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
 CVE-2008-3878 (Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control in OfficeCtrl.ocx
 CVE-2008-3877 (Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 ...)
-	TODO: check
+	NOT-FOR-US: Acoustica Mixcraft
 CVE-2008-3876 (Apple iPhone 2.0.2, in some configurations, allows physically ...)
-	TODO: check
+	NOT-FOR-US: Apple iPhone
 CVE-2008-3875 (The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris 8
 CVE-2008-3874 (Cross-site scripting (XSS) vulnerability in account.php in Lussumo ...)
-	TODO: check
+	NOT-FOR-US: Lussumo Vanilla
 CVE-2008-3873 (The System.setClipboard method in Adobe Flash Player allows remote ...)
 	TODO: check
 CVE-2008-3872
@@ -53,41 +53,41 @@
 CVE-2008-3862
 	RESERVED
 CVE-2008-3861 (Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and ...)
-	TODO: check
+	NOT-FOR-US: phpMyRealty
 CVE-2008-3860 (Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG ...)
 	TODO: check
 CVE-2008-3859 (Davlin Thickbox Gallery 2 allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Davlin Thickbox Gallery
 CVE-2008-3858 (The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3857 (The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3856 (The routine infrastructure component in IBM DB2 9.1 before Fixpak 5 on ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3855 (Unspecified vulnerability in the DB2 Administration Server (DAS) in ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3854 (Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3853 (Buffer overflow in the DAS server program in the Core DAS function ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3852 (Unspecified vulnerability in the CLR stored procedure deployment from ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-3851 (Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on ...)
-	TODO: check
+	NOT-FOR-US: Pluck CMS
 CVE-2008-3850 (Cross-site scripting (XSS) vulnerability in Accellion File Transfer ...)
-	TODO: check
+	NOT-FOR-US: Accellion File Transfer
 CVE-2008-3849 (Cross-site scripting (XSS) vulnerability in the calendar controller in ...)
-	TODO: check
+	NOT-FOR-US: Civic Website Manager
 CVE-2008-3848 (SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Z-Breaknews
 CVE-2008-3847 (Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook ...)
 	TODO: check
 CVE-2008-3846 (Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and ...)
-	TODO: check
+	NOT-FOR-US: mysql-lists
 CVE-2008-3845 (Multiple SQL injection vulnerabilities in Crafty Syntax Live Help ...)
-	TODO: check
+	NOT-FOR-US: Crafty Syntax Live Help
 CVE-2003-1564 (libxml2, possibly before 2.5.0, does not properly detect recursion ...)
-	TODO: check
+	NOT-FOR-US: Old CVE id
 CVE-2008-XXXX [nfdump vulnerable to symlink attacks]
 	- nfdump <unfixed> (bug #497452)
 CVE-2008-3889 [postfix local DoS]

More information about the Secure-testing-commits mailing list