[Secure-testing-commits] r13505 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Thu Dec 10 20:34:29 UTC 2009 

Author: derevko-guest
Date: 2009-12-10 20:34:29 +0000 (Thu, 10 Dec 2009)
New Revision: 13505

Modified:
   data/CVE/list
Log:
- NFUs
- CVE-2009-4102 fixed 


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-10 16:15:16 UTC (rev 13504)
+++ data/CVE/list	2009-12-10 20:34:29 UTC (rev 13505)
@@ -35,9 +35,9 @@
 CVE-2009-4223 (PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web ...)
 	NOT-FOR-US: KR-Web
 CVE-2009-4222 (phpBazar 2.1.1fix and earlier does not require administrative ...)
-	TODO: check
+	NOT-FOR-US: phpBazar
 CVE-2009-4221 (SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and ...)
-	TODO: check
+	NOT-FOR-US: phpBazar
 CVE-2009-4220 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: PointComma
 CVE-2009-4219 (Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX ...)
@@ -55,15 +55,15 @@
 CVE-2009-4212
 	RESERVED
 CVE-2009-4211 (The U.S. Defense Information Systems Agency (DISA) Security Readiness ...)
-	TODO: check
+	NOT-FOR-US: U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script
 CVE-2009-4210
 	RESERVED
 CVE-2009-4209 (Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php ...)
-	TODO: check
+	NOT-FOR-US: moziloCMS
 CVE-2009-4208 (SQL injection vulnerability in the os_news module in Open-school (OS) ...)
-	TODO: check
+	NOT-FOR-US: Open-school
 CVE-2009-4207 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
-	TODO: check
+	NOT-FOR-US: module for Drupal
 CVE-2009-4206 (SQL injection vulnerability in admin.link.modify.php in Million Dollar ...)
 	NOT-FOR-US: Million Dollar Text Links
 CVE-2009-4205 (Directory traversal vulnerability in admin.php in Flashlight Free ...)
@@ -71,7 +71,7 @@
 CVE-2009-4204 (SQL injection vulnerability in read.php in Flashlight Free Edition ...)
 	NOT-FOR-US: Flashlight Free Edition
 CVE-2009-4203 (Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php ...)
-	TODO: check
+	NOT-FOR-US: Arab Portal
 CVE-2009-4202 (Directory traversal vulnerability in the Omilen Photo Gallery ...)
 	NOT-FOR-US: Joomla! component
 CVE-2009-4201 (Multiple stack-based buffer overflows in Mp3 Tag Assistant ...)
@@ -272,7 +272,7 @@
 CVE-2009-4103 (Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, ...)
 	NOT-FOR-US: Robo-FTP
 CVE-2009-4102 (Sage 1.4.3 and earlier extension for Firefox performs certain ...)
-	- firefox-sage <unfixed> (low; bug #559267)
+	- firefox-sage 1.4.3-3 (medium; bug #559267)
 CVE-2009-4101 (infoRSS 1.1.4.2 and earlier extension for Firefox performs certain ...)
 	NOT-FOR-US: infoRSS extension for Firefox
 CVE-2009-4100 (Yoono extension before 6.1.1 for Firefox performs certain operations ...)

More information about the Secure-testing-commits mailing list