[Secure-testing-commits] r13448 - data/CVE

Steffen Joeris white at alioth.debian.org
Fri Dec 4 09:06:39 UTC 2009 

Author: white
Date: 2009-12-04 09:06:35 +0000 (Fri, 04 Dec 2009)
New Revision: 13448

Modified:
   data/CVE/list
Log:
Some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-04 02:29:41 UTC (rev 13447)
+++ data/CVE/list	2009-12-04 09:06:35 UTC (rev 13448)
@@ -1,13 +1,13 @@
 CVE-2009-4175 (CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4174 (The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4173 (Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4172 (Cross-site scripting (XSS) vulnerability in index.php in CutePHP ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4171 (An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger ...)
-	TODO: check
+	NOT-FOR-US: ActiveX
 CVE-2009-4170 (WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, ...)
 	TODO: check
 CVE-2009-4169 (Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the ...)
@@ -35,21 +35,21 @@
 CVE-2009-4158 (SQL injection vulnerability in the Calendar Base (cal) extension ...)
 	TODO: check
 CVE-2009-4157 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2009-4156 (PHP remote file inclusion vulnerability in modules/pms/index.php in ...)
-	TODO: check
+	NOT-FOR-US: Ciamos CMS
 CVE-2009-4155 (Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote ...)
-	TODO: check
+	NOT-FOR-US: Eshopbuilde
 CVE-2009-4154 (Directory traversal vulnerability in includes/feedcreator.class.php in ...)
-	TODO: check
+	NOT-FOR-US: Elxis CMS
 CVE-2009-4153 (Unspecified vulnerability in the XMLAccess component in IBM WebSphere ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-4152 (Cross-site scripting (XSS) vulnerability in the Collaboration ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-4151 (Session fixation vulnerability in html/Elements/SetupSessionCookie in ...)
 	TODO: check
 CVE-2009-4150 (dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2009-4149
 	RESERVED
 CVE-2009-4148

More information about the Secure-testing-commits mailing list