[Secure-testing-commits] r13504 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Thu Dec 10 16:15:16 UTC 2009 

Author: geissert
Date: 2009-12-10 16:15:16 +0000 (Thu, 10 Dec 2009)
New Revision: 13504

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-09 21:14:22 UTC (rev 13503)
+++ data/CVE/list	2009-12-10 16:15:16 UTC (rev 13504)
@@ -1,23 +1,23 @@
 CVE-2009-4236 (The process function in ...)
-	TODO: check
+	NOT-FOR-US: EC-CUBE
 CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...)
 	TODO: check
 CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Micronet Network Access Controller
 CVE-2009-4233 (Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4232 (The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4231 (Directory traversal vulnerability in as/lib/plugins.php in SweetRice ...)
-	TODO: check
+	NOT-FOR-US: SweetRice
 CVE-2009-4230 (Multiple stack-based buffer overflows in src/Task.cc in the FastCGI ...)
 	TODO: check
 CVE-2009-4229 (Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active ...)
 	TODO: check
 CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris ...)
-	TODO: check
+	NOT-FOR-US: OpenSolaris kernel
 CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...)
-	TODO: check
+	NOT-FOR-US: PestPatrol
 CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...)
 	- xfig <unfixed>
 	TODO: check
@@ -31,25 +31,25 @@
 	TODO: report bug, check affected versions
 	NOTE: http://www.exploit-db.com/exploits/10338
 CVE-2009-4224 (Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, ...)
-	TODO: check
+	NOT-FOR-US: SweetRice
 CVE-2009-4223 (PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web ...)
-	TODO: check
+	NOT-FOR-US: KR-Web
 CVE-2009-4222 (phpBazar 2.1.1fix and earlier does not require administrative ...)
 	TODO: check
 CVE-2009-4221 (SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and ...)
 	TODO: check
 CVE-2009-4220 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: PointComma
 CVE-2009-4219 (Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX ...)
-	TODO: check
+	NOT-FOR-US: Haihaisoft Universal Player
 CVE-2009-4218 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo's ...)
-	TODO: check
+	NOT-FOR-US: JiRo's Banner System eXperience (JBSX)
 CVE-2009-4217 (SQL injection vulnerability in the Itamar Elharar MusicGallery ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4216 (Directory traversal vulnerability in funzioni/lib/menulast.php in ...)
-	TODO: check
+	NOT-FOR-US: klinza
 CVE-2009-4215 (Panda Global Protection 2010, Internet Security 2010, and Antivirus ...)
-	TODO: check
+	NOT-FOR-US: Panda
 CVE-2009-4213
 	RESERVED
 CVE-2009-4212
@@ -65,23 +65,23 @@
 CVE-2009-4207 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
 	TODO: check
 CVE-2009-4206 (SQL injection vulnerability in admin.link.modify.php in Million Dollar ...)
-	TODO: check
+	NOT-FOR-US: Million Dollar Text Links
 CVE-2009-4205 (Directory traversal vulnerability in admin.php in Flashlight Free ...)
-	TODO: check
+	NOT-FOR-US: Flashlight Free Edition
 CVE-2009-4204 (SQL injection vulnerability in read.php in Flashlight Free Edition ...)
-	TODO: check
+	NOT-FOR-US: Flashlight Free Edition
 CVE-2009-4203 (Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php ...)
 	TODO: check
 CVE-2009-4202 (Directory traversal vulnerability in the Omilen Photo Gallery ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4201 (Multiple stack-based buffer overflows in Mp3 Tag Assistant ...)
-	TODO: check
+	NOT-FOR-US: Mp3 Tag Assistant Professional
 CVE-2009-4200 (SQL injection vulnerability in the Seminar (com_seminar) component ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4199 (Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos ...)
-	TODO: check
+	NOT-FOR-US: Joomla! component
 CVE-2009-4198 (SQL injection vulnerability in my_orders.php in MyMiniBill allows ...)
-	TODO: check
+	NOT-FOR-US: MyMiniBill
 CVE-2009-4197 (rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware ...)
 	NOT-FOR-US: Huawei MT882 V100R002B020
 CVE-2009-4196 (Multiple cross-site scripting (XSS) vulnerabilities in multiple ...)

More information about the Secure-testing-commits mailing list