[Secure-testing-commits] r14158 - data/CVE
James Strandboge
jamie-guest at alioth.debian.org
Fri Feb 26 23:57:04 UTC 2010
Author: jamie-guest
Date: 2010-02-26 23:57:03 +0000 (Fri, 26 Feb 2010)
New Revision: 14158
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-26 21:08:49 UTC (rev 14157)
+++ data/CVE/list 2010-02-26 23:57:03 UTC (rev 14158)
@@ -1,35 +1,81 @@
+CVE-2010-0725
+ NOT-FOR-US: Arab Cart
+CVE-2010-0724
+ NOT-FOR-US: Arab Cart
+CVE-2010-0723
+ NOT-FOR-US: Ero Auktion
+CVE-2010-0722
+ NOT-FOR-US: Php Auktion Pro
+CVE-2010-0721
+ NOT-FOR-US: Auktionshaus Gelb
+CVE-2010-0720
+ NOT-FOR-US: Erotik Auktionshaus
+CVE-2010-0719
+ NOT-FOR-US: Microsoft
+CVE-2010-0718
+ NOT-FOR-US: Microsoft
+CVE-2010-0716
+ NOT-FOR-US: Microsoft
+CVE-2010-0715
+ NOT-FOR-US: IBM WebSphere Portal
+CVE-2010-0714
+ NOT-FOR-US: IBM WebSphere Portal
+CVE-2010-0713
+ NOT-FOR-US: Zenoss
+CVE-2010-0712
+ NOT-FOR-US: Zenoss
+CVE-2010-0711
+ NOT-FOR-US: ASPCode CMS
+CVE-2010-0710
+ NOT-FOR-US: ASPCode CMS
+CVE-2010-0709
+ NOT-FOR-US: Limny
+CVE-2010-0708
+ NOT-FOR-US: Sun Directory Server Enterprise Edition
+CVE-2010-0707
+ NOT-FOR-US: Employee Timeclock Software
+CVE-2010-0706
+ NOT-FOR-US: Subex Nikira Fraud Management System
+CVE-2010-0705
+ NOT-FOR-US: Windows 2000
+CVE-2009-4655
+ NOT-FOR-US: Novell eDirectory
+CVE-2009-4654
+ NOT-FOR-US: Novell eDirectory
+CVE-2009-4653
+ NOT-FOR-US: Novell eDirectory
CVE-2010-0704 (Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Portal
CVE-2010-0703 (Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL ...)
- TODO: check
+ NOT-FOR-US: PortWise SSL VPN
CVE-2010-0702 (SQL injection vulnerability in cisco/services/PhonecDirectory.php in ...)
- TODO: check
+ NOT-FOR-US: Fonality Trixbox
CVE-2010-0701 (SQL injection vulnerability in ForceChangePassword.jsp in Newgen ...)
- TODO: check
+ NOT-FOR-US: Newgen Software OmniDocs
CVE-2010-0700 (Cross-site scripting (XSS) vulnerability in index.php in WampServer ...)
- TODO: check
+ NOT-FOR-US: WampServer
CVE-2010-0699 (Cross-site scripting (XSS) vulnerability in index.php in ...)
- TODO: check
+ NOT-FOR-US: VideoSearchScript Pro
CVE-2010-0698 (SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC ...)
- TODO: check
+ NOT-FOR-US: Dynamicsoft WSC CMS
CVE-2010-0697 (Cross-site scripting (XSS) vulnerability in the iTweak Upload module ...)
- TODO: check
+ NOT-FOR-US: iTweak Upload module for Drupal
CVE-2010-0696 (Directory traversal vulnerability in includes/download.php in the ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2010-0695 (Cross-site scripting (XSS) vulnerability in pages/index.php in ...)
- TODO: check
+ NOT-FOR-US: BASIC-CMS
CVE-2010-0694 (SQL injection vulnerability in the PerchaGallery (com_perchagallery) ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2010-0693 (SQL injection vulnerability in products.php in CommodityRentals Trade ...)
- TODO: check
+ NOT-FOR-US: CommodityRentals Trade Manager Script
CVE-2010-0692 (SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) ...)
- TODO: check
+ NOT-FOR-US: Joomla!
CVE-2010-0691 (SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows ...)
- TODO: check
+ NOT-FOR-US: JTL-Shop
CVE-2010-0690 (SQL injection vulnerability in index.php in CommodityRentals Video ...)
- TODO: check
+ NOT-FOR-US: CommodityRentals Video Games Rentals
CVE-2010-0689
- RESERVED
+ NOT-FOR-US: ActiveX
CVE-2010-0688
RESERVED
CVE-2010-0687
@@ -41,35 +87,35 @@
CVE-2010-0684
RESERVED
CVE-2010-0683
- RESERVED
+ NOT-FOR-US: TIBCO Administrator
CVE-2010-0682 (WordPress 2.9 before 2.9.2 allows remote authenticated users to read ...)
TODO: check
CVE-2010-XXXX [multiple typo issues]
- typo3-src <unfixed> (bug #571151)
CVE-2010-0681 (ZeusCMS 0.2 stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: ZeusCMS
CVE-2010-0680 (Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows ...)
- TODO: check
+ NOT-FOR-US: ZeusCMS
CVE-2010-0679 (Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ...)
- TODO: check
+ NOT-FOR-US: ActiveX
CVE-2010-0678 (PHP remote file inclusion vulnerability in includes/moderation.php in ...)
- TODO: check
+ NOT-FOR-US: Katalog Stron Hurricane
CVE-2010-0677 (SQL injection vulnerability in index.php in Katalog Stron Hurricane ...)
- TODO: check
+ NOT-FOR-US: Katalog Stron Hurricane
CVE-2010-0676 (Directory traversal vulnerability in index.php in the RWCards ...)
- TODO: check
+ NOT-FOR-US: RWCards component for Joomla!
CVE-2010-0675 (Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik ...)
- TODO: check
+ NOT-FOR-US: BGSvetionik BGS CMS
CVE-2010-0674 (StatCounteX 3.1 stores sensitive information under the web root with ...)
- TODO: check
+ NOT-FOR-US: StatCounteX
CVE-2010-0673 (SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog ...)
- TODO: check
+ NOT-FOR-US: Copperleaf Photolog plugin for WordPress
CVE-2010-0672 (SQL injection vulnerability in index.php in WSN Guest 1.02 allows ...)
- TODO: check
+ NOT-FOR-US: WSN Guest
CVE-2010-0671 (SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS ...)
- TODO: check
+ NOT-FOR-US: KR MEDIA Pogodny CMS
CVE-2010-0670 (Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) ...)
- TODO: check
+ NOT-FOR-US: IP-Tech JQuarks (com_jquarks) Component
CVE-2010-0669
RESERVED
CVE-2010-0668
@@ -81,11 +127,11 @@
CVE-2010-0665 (JAG (Just Another Guestbook) 1.14 stores sensitive information under ...)
NOT-FOR-US: JAG
CVE-2009-4651 (Multiple cross-site scripting (XSS) vulnerabilities in the Webee ...)
- TODO: check
+ NOT-FOR-US: Webee Comments component for Joomla!
CVE-2009-4650 (SQL injection vulnerability in the Webee Comments (com_webeecomment) ...)
- TODO: check
+ NOT-FOR-US: Webee Comments component for Joomla!
CVE-2009-4649 (Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 ...)
- TODO: check
+ NOT-FOR-US: geccBBlite
CVE-2009-4648 (Accellion Secure File Transfer Appliance before 8_0_105 does not ...)
NOT-FOR-US: Accellion Secure File Transfer Appliance
CVE-2009-4647 (Cross-site scripting (XSS) vulnerability in Accellion Secure File ...)
@@ -176,7 +222,7 @@
CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Cisco Collaboration Server
CVE-2010-0640 (Cross-site scripting (XSS) vulnerability in CA eHealth Performance ...)
- TODO: check
+ NOT-FOR-US: CA eHealth Performance Manager
CVE-2010-0639 (The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 ...)
TODO: check
CVE-2010-0638 (Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 ...)
@@ -246,7 +292,7 @@
CVE-2010-0621
RESERVED
CVE-2010-0620 (Directory traversal vulnerability in the SSL Service in EMC HomeBase ...)
- TODO: check
+ NOT-FOR-US: EMC HomeBase Server
CVE-2010-0619
RESERVED
CVE-2010-0618
@@ -1514,7 +1560,7 @@
CVE-2010-0190
RESERVED
CVE-2010-0189 (Unspecified vulnerability in Adobe Download Manager allows remote ...)
- TODO: check
+ NOT-FOR-US: Adobe Download Manager
CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 ...)
NOT-FOR-US: Adobe Reader
CVE-2010-0187 (Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 ...)
@@ -1609,11 +1655,11 @@
CVE-2010-0149 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
NOT-FOR-US: Cisco
CVE-2010-0148 (Unspecified vulnerability in Cisco Security Agent 5.2 before ...)
- TODO: check
+ NOT-FOR-US: Cisco Security Agent
CVE-2010-0147 (SQL injection vulnerability in the Management Center for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-0146 (Directory traversal vulnerability in the Management Center for Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-0145 (Unspecified vulnerability in the embedded HTTPS server on the Cisco ...)
NOT-FOR-US: Cisco IronPort Encryption Appliance
CVE-2010-0144 (Unspecified vulnerability in the WebSafe DistributorServlet in the ...)
@@ -1668,9 +1714,9 @@
CVE-2010-0120
RESERVED
CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)
- TODO: check
+ NOT-FOR-US: Bournal
CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary files ...)
- TODO: check
+ NOT-FOR-US: Bournal
CVE-2010-0117
RESERVED
CVE-2010-0116
@@ -1784,7 +1830,7 @@
CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the ...)
NOT-FOR-US: Symantec AntiVirus
CVE-2010-0107 (Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2010-0106 (The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before ...)
NOT-FOR-US: Symantec AntiVirus
CVE-2010-0105
@@ -6450,7 +6496,7 @@
CVE-2008-7132 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan ...)
NOT-FOR-US: Nuked-Klan
CVE-2009-3036 (Cross-site scripting (XSS) vulnerability in the console in Symantec IM ...)
- TODO: check
+ NOT-FOR-US: Symantec IM Manager
CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...)
NOT-FOR-US: Symantec Altiris Notification Server
CVE-2009-3034
More information about the Secure-testing-commits
mailing list