[Secure-testing-commits] r11023 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Fri Jan 23 02:49:58 UTC 2009 

Author: white
Date: 2009-01-23 02:49:57 +0000 (Fri, 23 Jan 2009)
New Revision: 11023

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-01-22 21:14:12 UTC (rev 11022)
+++ data/CVE/list	2009-01-23 02:49:57 UTC (rev 11023)
@@ -1,19 +1,19 @@
 CVE-2009-0245 (Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS ...)
-	TODO: check
+	NOT-FOR-US: Usagi Project MyNETS
 CVE-2009-0244 (Directory traversal vulnerability in the OBEX FTP Service in the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft product
 CVE-2009-0243 (Microsoft Windows does not properly enforce the Autorun and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft product
 CVE-2008-5947 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: YapBB
 CVE-2008-5946 (SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2008-5945 (Nukeviet 2.0 Beta allows remote attackers to bypass authentication and ...)
-	TODO: check
+	NOT-FOR-US: Nukeviet
 CVE-2008-5944 (Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 ...)
-	TODO: check
+	NOT-FOR-US: NavBoard
 CVE-2008-5943 (Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) ...)
-	TODO: check
+	NOT-FOR-US: NavBoard
 CVE-2008-5942 (Multiple cross-site scripting (XSS) vulnerabilities in MODx before ...)
 	TODO: check
 CVE-2008-5941 (Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and ...)
@@ -21,43 +21,43 @@
 CVE-2008-5940 (SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, ...)
 	TODO: check
 CVE-2008-5939 (Cross-site scripting (XSS) vulnerability in index.php in MODx CMS ...)
-	TODO: check
+	NOT-FOR-US: MODx CMS
 CVE-2008-5938 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: MODx CMS
 CVE-2008-5937 (AyeView 2.20 allows user-assisted attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: AyeView
 CVE-2008-5936 (front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: mini-pub
 CVE-2008-5935 (Facto stores sensitive information under the web root with ...)
 	TODO: check
 CVE-2008-5934 (SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows ...)
-	TODO: check
+	NOT-FOR-US: CMS ISWEB
 CVE-2008-5933 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: CMS ISWEB
 CVE-2008-5932 (CodeAvalanche FreeForum stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: CodeAvalanche FreeForum
 CVE-2008-5931 (The Net Guys ASPired2Blog stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: ASPired2Blog
 CVE-2008-5930 (SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ...)
-	TODO: check
+	NOT-FOR-US: ASPired2Blog
 CVE-2008-5929 (VP-ASP Shopping Cart 6.50 stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: VP-ASP Shopping Cart
 CVE-2008-5928 (SQL injection vulnerability in redir.php in Free Links Directory ...)
-	TODO: check
+	NOT-FOR-US: Free Links Directory Script
 CVE-2008-5927 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
-	TODO: check
+	NOT-FOR-US: FlexPHPNews
 CVE-2008-5926 (Multiple SQL injection vulnerabilities in login.asp in ASP-DEv ...)
-	TODO: check
+	NOT-FOR-US: ASP-DEv
 CVE-2008-5925 (ASP-DEv XM Events Diary stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: ASP-DEv
 CVE-2008-5924 (SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events ...)
-	TODO: check
+	NOT-FOR-US: ASP-DEv
 CVE-2008-5923 (SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary ...)
-	TODO: check
+	NOT-FOR-US: ASP-DEv
 CVE-2008-5922 (Multiple PHP remote file inclusion vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: Cant Find A Gaming CMS
 CVE-2008-5921 (SQL injection vulnerability in albums.php in Umer Inc Songs Portal ...)
-	TODO: check
+	NOT-FOR-US: Umer Inc Songs Portal
 CVE-2009-XXXX [multiple security issues in typo3-src]
 	- typo3-src 4.2.4-1 (medium)
 	NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
@@ -192,15 +192,15 @@
 CVE-2009-0179 (libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other ...)
 	TODO: check
 CVE-2009-0178 (Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 ...)
-	TODO: check
+	NOT-FOR-US: IBM Hardware Management Console
 CVE-2009-0177 (vmwarebase.dll, as used in the vmware-authd service (aka ...)
 	NOT-FOR-US: vmware-authd
 CVE-2009-0176 (Multiple heap-based buffer overflows in the PDF distiller in the ...)
 	NOT-FOR-US: Attachment Service in Research in Motion
 CVE-2009-0175 (Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 ...)
-	TODO: check
+	NOT-FOR-US: Heathco Software MP3 TrackMaker
 CVE-2009-0174 (Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: VUPlayer
 CVE-2008-5920 (The create_anchors function in utils.inc in WebSVN 1.x allows remote ...)
 	- websvn <not-affected>
 	[etch] - websvn 1.61-21 (bug #503330)

More information about the Secure-testing-commits mailing list