[Secure-testing-commits] r11399 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sat Mar 14 13:33:43 UTC 2009 

Author: white
Date: 2009-03-14 13:33:42 +0000 (Sat, 14 Mar 2009)
New Revision: 11399

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-03-14 11:50:56 UTC (rev 11398)
+++ data/CVE/list	2009-03-14 13:33:42 UTC (rev 11399)
@@ -73,71 +73,71 @@
 CVE-2009-0836 (Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2008-6450 (Cross-site scripting (XSS) vulnerability in Under Construction, Baby ...)
-	TODO: check
+	NOT-FOR-US: Under Construction, Baby
 CVE-2008-6449 (Cross-site request forgery (CSRF) vulnerability in multiple Century ...)
-	TODO: check
+	NOT-FOR-US: Century Systems routers
 CVE-2008-6448 (Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC ...)
 	TODO: check
 CVE-2008-6447 (Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail ...)
 	NOT-FOR-US: QuikSoft EasyMail
 CVE-2008-6446 (Static code injection vulnerability in the Guestbook component in CMS ...)
-	TODO: check
+	NOT-FOR-US: CMS MAXSITE
 CVE-2008-6445 (Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact ...)
-	TODO: check
+	NOT-FOR-US: YourPlace
 CVE-2008-6444 (Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might ...)
 	NOT-FOR-US: Baidu Hi IM
 CVE-2008-6443 (SQL injection vulnerability in forum_duzen.php in phpKF allows remote ...)
-	TODO: check
+	NOT-FOR-US: phpKF
 CVE-2008-6442 (Insecure method vulnerability in Sina Inc. DLoader Class ActiveX ...)
 	NOT-FOR-US: Sina Inc. DLoader Class ActiveX
 CVE-2008-6441 (Format string vulnerability in the Epic Games Unreal engine client, as ...)
-	TODO: check
+	NOT-FOR-US: Epic Games Unreal engine client
 CVE-2008-6440 (Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Cerberus Helpdesk
 CVE-2008-6439 (Cross-site scripting (XSS) vulnerability in search_results.php in ...)
-	TODO: check
+	NOT-FOR-US: ABK-Soft AbleDating
 CVE-2008-6438 (SQL injection vulnerability in macgurublog_menu/macgurublog.php in the ...)
-	TODO: check
+	NOT-FOR-US: MacGuru BLOG Engine
 CVE-2008-6437 (Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum ...)
-	TODO: check
+	NOT-FOR-US: PHPFreeForum
 CVE-2008-6436 (Cross-site scripting (XSS) vulnerability in the Web Server in Xerox ...)
-	TODO: check
+	NOT-FOR-US: Xerox WorkCentre
 CVE-2008-6435 (Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 ...)
-	TODO: check
+	NOT-FOR-US: phpSQLiteCMS
 CVE-2008-6434 (SQL injection vulnerability in index.cfm in Blue River Interactive ...)
-	TODO: check
+	NOT-FOR-US: Blue River Interactive Group Sava CMS
 CVE-2008-6433 (Cross-site scripting (XSS) vulnerability in index.cfm in Blue River ...)
-	TODO: check
+	NOT-FOR-US: Blue River Interactive Group Sava CMS
 CVE-2008-6431 (Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 ...)
-	TODO: check
+	NOT-FOR-US: BMForum
 CVE-2008-6430 (SQL injection vulnerability in the MyContent (com_mycontent) component ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2008-6429 (SQL injection vulnerability in the PrayerCenter (com_prayercenter) ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2008-6428 (The CGI framework in Kaya 0.4.0 allows remote attackers to inject ...)
 	TODO: check
 CVE-2008-6427 (SQL injection vulnerability in index.php in Hivemaker Professional ...)
-	TODO: check
+	NOT-FOR-US: Hivemaker Professional
 CVE-2008-6425 (SQL injection vulnerability in news.php in ComicShout 2.8 allows ...)
-	TODO: check
+	NOT-FOR-US: ComicShout
 CVE-2008-6424 (Directory traversal vulnerability in FFFTP 1.96b allows remote FTP ...)
-	TODO: check
+	NOT-FOR-US: FFFTP
 CVE-2008-6423 (Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 ...)
-	TODO: check
+	NOT-FOR-US: PassWiki
 CVE-2008-6422 (Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and ...)
-	TODO: check
+	NOT-FOR-US: PsychoStats
 CVE-2008-6421 (PHP remote file inclusion vulnerability in social_game_play.php in ...)
-	TODO: check
+	NOT-FOR-US: Social Site Generator
 CVE-2008-6420 (Social Site Generator (SSG) 2.0 allows remote attackers to read ...)
-	TODO: check
+	NOT-FOR-US: Social Site Generator
 CVE-2008-6419 (Multiple SQL injection vulnerabilities in Social Site Generator (SSG) ...)
-	TODO: check
+	NOT-FOR-US: Social Site Generator
 CVE-2008-6418 (SQL injection vulnerability in scrape.php in TorrentTrader before ...)
-	TODO: check
+	NOT-FOR-US: TorrentTrader
 CVE-2008-6417 (Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows ...)
-	TODO: check
+	NOT-FOR-US: GreenSQL-Console
 CVE-2008-6416 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: GreenSQL-Console
 CVE-2009-0854 (Untrusted search path vulnerability in dash 0.5.4, when used as a ...)
 	- dash <not-affected> (Debian uses upstream's patch to implement -l)
 CVE-2009-0835 (The __secure_computing function in kernel/seccomp.c in the seccomp ...)

More information about the Secure-testing-commits mailing list