[Secure-testing-commits] r11291 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sun Mar 1 09:39:24 UTC 2009 

Author: white
Date: 2009-03-01 09:39:24 +0000 (Sun, 01 Mar 2009)
New Revision: 11291

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-03-01 09:14:12 UTC (rev 11290)
+++ data/CVE/list	2009-03-01 09:39:24 UTC (rev 11291)
@@ -260,89 +260,89 @@
 CVE-2008-6255 (Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote ...)
 	NOT-FOR-US: vBulletin
 CVE-2008-6254 (SQL injection vulnerability in scripts/documents.php in Jadu Galaxies ...)
-	TODO: check
+	NOT-FOR-US: Jadu Galaxies
 CVE-2008-6253 (Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in ...)
 	TODO: check
 CVE-2008-6252 (Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 ...)
-	TODO: check
+	NOT-FOR-US: smcFanControl
 CVE-2008-6251 (PHP remote file inclusion vulnerability in includes/init.php in phpFan ...)
-	TODO: check
+	NOT-FOR-US: phpFan
 CVE-2008-6250 (SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Comdev Web Blogger
 CVE-2008-6249 (SQL injection vulnerability in plugins/users/index.php in Galatolo ...)
-	TODO: check
+	NOT-FOR-US: Galatolo WebManager
 CVE-2008-6248 (Cross-site scripting (XSS) vulnerability in all.php in Galatolo ...)
-	TODO: check
+	NOT-FOR-US: Galatolo WebManager
 CVE-2008-6247 (SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6246 (SQL injection vulnerability in category.php in Scripts For Sites (SFS) ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6245 (SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6244 (SQL injection vulnerability in view_reviews.php in Scripts for Sites ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6243 (SQL injection vulnerability in showcategory.php in Scripts For Sites ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6242 (SQL injection vulnerability in SearchResults.php in Scripts For Sites ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6241 (Multiple SQL injection vulnerabilities in admin/usercheck.php in ...)
-	TODO: check
+	NOT-FOR-US: FlexPHPSite
 CVE-2008-6240 (Cross-site scripting (XSS) vulnerability in data/views/index.html in ...)
-	TODO: check
+	NOT-FOR-US: OpenEdit Digital Asset Management
 CVE-2008-6239 (Cross-site request forgery (CSRF) vulnerability in OpenEdit Digital ...)
-	TODO: check
+	NOT-FOR-US: OpenEdit Digital Asset Management
 CVE-2008-6238 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: OpenEdit Digital Asset Management
 CVE-2008-6237 (SQL injection vulnerability in software-description.php in Scripts For ...)
-	TODO: check
+	NOT-FOR-US: Scripts For Sites 
 CVE-2008-6236 (SQL injection vulnerability in login.php in Simple Document Management ...)
-	TODO: check
+	NOT-FOR-US: Simple Document Management System
 CVE-2008-6235 (The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted ...)
 	TODO: check
 CVE-2008-6234 (SQL injection vulnerability in the com_musica module in Joomla! and ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2008-6233 (SQL injection vulnerability in index.php in Five Dollar Scripts Drinks ...)
-	TODO: check
+	NOT-FOR-US: Five Dollar Scripts Drinks script
 CVE-2008-6232 (Pre Shopping Mall allows remote attackers to bypass authentication and ...)
-	TODO: check
+	NOT-FOR-US: Pre Shopping Mall
 CVE-2008-6231 (Pre Classified Listing PHP allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Pre Classified Listing PHP
 CVE-2008-6230 (SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast ...)
-	TODO: check
+	NOT-FOR-US: Pre Projects Pre Podcast Portal
 CVE-2008-6229 (Cross-site scripting (XSS) vulnerability in the administrative ...)
 	TODO: check
 CVE-2008-6228 (Pre Multi-Vendor Shopping Malls allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: Pre Multi-Vendor Shopping Malls
 CVE-2008-6227 (SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor ...)
-	TODO: check
+	NOT-FOR-US: Pre Multi-Vendor Shopping Malls 
 CVE-2008-6226 (SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto ...)
-	TODO: check
+	NOT-FOR-US: Pre Projects PHP Auto Listings Script
 CVE-2008-6225 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: Mole Group Airline Ticket Sale Script
 CVE-2008-6224 (Directory traversal vulnerability in visualizza.php in Way Of The ...)
-	TODO: check
+	NOT-FOR-US: Way Of The Warrior
 CVE-2008-6223 (PHP remote file inclusion vulnerability in visualizza.php in Way Of ...)
-	TODO: check
+	NOT-FOR-US: Way Of The Warrior
 CVE-2008-6222 (Directory traversal vulnerability in the Pro Desk Support Center ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2008-6221 (PHP remote file inclusion vulnerability in config.dadamail.php in the ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2008-6220 (SQL injection vulnerability in login.php in Simple Document Management ...)
-	TODO: check
+	NOT-FOR-US: Simple Document Management System
 CVE-2008-6219 (nsrexecd.exe in multiple EMC Networker products including EMC ...)
-	TODO: check
+	NOT-FOR-US: EMC Networker products
 CVE-2008-6218 (Memory leak in the png_handle_tEXt function in pngrutil.c in libpng ...)
 	TODO: check
 CVE-2008-6217 (Cross-site scripting (XSS) vulnerability in index.php in Extrakt ...)
-	TODO: check
+	NOT-FOR-US: Extrakt Framework
 CVE-2008-6216 (SQL injection vulnerability in cadena_ofertas_ext.php in Venalsur ...)
-	TODO: check
+	NOT-FOR-US: Venalsur Booking center Booking System
 CVE-2008-6215 (Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in ...)
-	TODO: check
+	NOT-FOR-US: Venalsur Booking center Booking System
 CVE-2008-6214 (SQL injection vulnerability in poll_results.php in Harlandscripts Pro ...)
-	TODO: check
+	NOT-FOR-US: Harlandscripts Pro Traffic One
 CVE-2008-6213 (SQL injection vulnerability in mypage.php in Harlandscripts Pro ...)
-	TODO: check
+	NOT-FOR-US: Harlandscripts Pro Traffic One
 CVE-2009-XXXX [thunar: potential exploits via  application launchers]
 	- thunar <unfixed> (bug #517020; low)
 	NOTE: CVE needs to be requested

More information about the Secure-testing-commits mailing list