[Secure-testing-commits] r12158 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Fri Jun 19 06:41:09 UTC 2009
Author: derevko-guest
Date: 2009-06-19 06:41:07 +0000 (Fri, 19 Jun 2009)
New Revision: 12158
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-18 21:14:13 UTC (rev 12157)
+++ data/CVE/list 2009-06-19 06:41:07 UTC (rev 12158)
@@ -1,29 +1,29 @@
CVE-2009-2107 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Webmedia Explorer
CVE-2009-2106 (SQL injection vulnerability in the Virtual Civil Services (civserv) ...)
- TODO: check
+ NOT-FOR-US: Virtual Civil Services extension for TYPO3
CVE-2009-2105 (SQL injection vulnerability in the References database (t3references) ...)
- TODO: check
+ NOT-FOR-US: References database extension for TYPO3
CVE-2009-2104 (Cross-site scripting (XSS) vulnerability in the Modern Guestbook / ...)
- TODO: check
+ NOT-FOR-US: Modern Guestbook extension for TYPO3
CVE-2009-2103 (SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) ...)
- TODO: check
+ NOT-FOR-US: Frontend MP3 Player extension for TYPO3
CVE-2009-2102 (SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and ...)
- TODO: check
+ NOT-FOR-US: Jumi component for Joomla
CVE-2009-2101 (Directory traversal vulnerability in archive.php in TorrentVolve 1.4, ...)
- TODO: check
+ NOT-FOR-US: TorrentVolve
CVE-2009-2100 (Directory traversal vulnerability in the JoomlaPraise Projectfork ...)
- TODO: check
+ NOT-FOR-US: JoomlaPraise component for Joomla
CVE-2009-2099 (SQL injection vulnerability in the iJoomla RSS Feeder ...)
- TODO: check
+ NOT-FOR-US: iJoomla RSS Feeder component for Joomla
CVE-2009-2098 (SQL injection vulnerability in topicler.php in phPortal 1.0 allows ...)
- TODO: check
+ NOT-FOR-US: phPortal
CVE-2009-2097 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Zoki Catalog
CVE-2009-2096 (SQL injection vulnerability in house/listing_view.php in ...)
- TODO: check
+ NOT-FOR-US: phpCollegeExchange
CVE-2009-2095 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Mundi Mail
CVE-2009-2094
RESERVED
CVE-2009-2093
@@ -47,25 +47,25 @@
CVE-2009-2084 (Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 ...)
TODO: check
CVE-2009-2083 (Cross-site scripting (XSS) vulnerability in the term data detail page ...)
- TODO: check
+ NOT-FOR-US: Taxonomy
CVE-2009-2082 (SQL injection vulnerability in insidepage.php in Creative Web ...)
- TODO: check
+ NOT-FOR-US: Creative Web Solutions Multi-Level CMS
CVE-2009-2081 (Directory traversal vulnerability in help.php in phpWebThings 1.5.2 ...)
- TODO: check
+ NOT-FOR-US: phpWebThings
CVE-2009-2080 (admin.php in MRCGIGUY The Ticket System 2.0 does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: MRCGIGUY
CVE-2009-2079 (Cross-site scripting (XSS) vulnerability in the administrative page ...)
- TODO: check
+ NOT-FOR-US: Taxonomy
CVE-2009-2078 (Multiple cross-site scripting (XSS) vulnerabilities in Booktree 5.x ...)
- TODO: check
+ NOT-FOR-US: Booktree module for drupal
CVE-2009-2077 (Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote ...)
- TODO: check
+ NOT-FOR-US: Views module for Drupal
CVE-2009-2076 (Cross-site scripting (XSS) vulnerability in Views 6.x before 6.x-2.6, ...)
- TODO: check
+ NOT-FOR-US: Views module for Drupal
CVE-2009-2075 (Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for ...)
- TODO: check
+ NOT-FOR-US: Nodequeue module for Drupal
CVE-2009-2074 (Cross-site scripting (XSS) vulnerability in Nodequeue 5.x before ...)
- TODO: check
+ NOT-FOR-US: Nodequeue module for Drupal
CVE-2009-XXXX [backuppc: web frontend installed insecurely by default]
- backuppc 3.1.0-6
[lenny] - backuppc 3.1.0-4lenny1
@@ -102,7 +102,7 @@
CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before ...)
- chromium-browser <itp> (bug #520324)
CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to determine ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine the ...)
NOT-FOR-US: Apple Safari
CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header to ...)
@@ -219,7 +219,7 @@
CVE-2009-2012 (Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through ...)
NOT-FOR-US: OpenSolaris
CVE-2009-2011 (Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and ...)
- TODO: check
+ NOT-FOR-US: Worldweaver DX Studio Player
CVE-2009-2010 (Multiple SQL injection vulnerabilities in Haudenschilt Family ...)
NOT-FOR-US: Haudenschilt Family Connections CMS
CVE-2009-2009 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, ...)
@@ -829,7 +829,7 @@
TODO: file bug
NOTE: see the portions of code of #530178
CVE-2009-1761 (The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...)
{DSA-1815-1}
- libtorrent-rasterbar 0.14.4-1 (medium)
@@ -913,7 +913,7 @@
CVE-2009-1720
RESERVED
CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X
CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote ...)
TODO: check
CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 ...)
More information about the Secure-testing-commits
mailing list