[Secure-testing-commits] r11961 - data/CVE

Sat May 23 15:45:49 UTC 2009

Author: derevko-guest
Date: 2009-05-23 15:45:49 +0000 (Sat, 23 May 2009)
New Revision: 11961

Modified:
   data/CVE/list
Log:
- NFUs
- CVE-2009-173{2,3}: ipplan is affected


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-05-23 13:49:51 UTC (rev 11960)
+++ data/CVE/list	2009-05-23 15:45:49 UTC (rev 11961)
@@ -47,21 +47,21 @@
 CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before ...)
 	TODO: check
 CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows ...)
-	TODO: check
+	NOT-FOR-US: MyPic
 CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket System ...)
-	TODO: check
+	NOT-FOR-US: GridSupport component for Joomla
 CVE-2009-1735 (Cross-site scripting (XSS) vulnerability in search.php in VidSharePro ...)
-	TODO: check
+	NOT-FOR-US: VidSharePro
 CVE-2009-1734 (SQL injection vulnerability in listing_video.php in VidSharePro allows ...)
-	TODO: check
+	NOT-FOR-US: VidSharePro
 CVE-2009-1733 (Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows ...)
-	TODO: check
+	- ipplan <unfixed> (low; bug #530271)
 CVE-2009-1732 (Cross-site scripting (XSS) vulnerability in admin/usermanager in IPlan ...)
-	TODO: check
+	- ipplan <unfixed> (low; bug #530271)
 CVE-2009-1731 (SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows ...)
-	TODO: check
+	NOT-FOR-US: MLFFAT
 CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica ...)
-	TODO: check
+	NOT-FOR-US: NetDecision TFTP Server
 CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
 	TODO: check
 CVE-2009-1728
@@ -165,9 +165,9 @@
 CVE-2009-1679
 	RESERVED
 CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL ...)
-	TODO: check
+	NOT-FOR-US: phpWebNews
 CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 allows ...)
-	TODO: check
+	NOT-FOR-US: phpWebNews
 CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority magic ...)
 	- slim <unfixed> (low; bug #529306)
 CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in packet.c ...)


