[Secure-testing-commits] r13756 - data/CVE

Thu Jan 7 21:35:07 UTC 2010

Author: geissert
Date: 2010-01-07 21:35:07 +0000 (Thu, 07 Jan 2010)
New Revision: 13756

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-01-07 21:25:17 UTC (rev 13755)
+++ data/CVE/list	2010-01-07 21:35:07 UTC (rev 13756)
@@ -121,9 +121,9 @@
 CVE-2010-0159
 	RESERVED
 CVE-2010-0158 (SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin ...)
-	TODO: check
+	NOT-FOR-US: JoomlaBamboo (JB) Simpla Admin template
 CVE-2010-0157 (Directory traversal vulnerability in the Bible Study (com_biblestudy) ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2010-0156
 	RESERVED
 CVE-2010-0155
@@ -207,55 +207,55 @@
 CVE-2010-0116
 	RESERVED
 CVE-2009-4585 (UranyumSoft Listing Service stores sensitive information under the web ...)
-	TODO: check
+	NOT-FOR-US: UranyumSoft Listing Service
 CVE-2009-4584 (admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: dB Masters Multimedia Links Directory
 CVE-2009-4583 (SQL injection vulnerability in the DhForum (com_dhforum) component for ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4582 (SQL injection vulnerability in detail.php in the Dictionary module for ...)
-	TODO: check
+	NOT-FOR-US: XOOPS module
 CVE-2009-4581 (Directory traversal vulnerability in modules/admincp.php in ...)
-	TODO: check
+	NOT-FOR-US: RoseOnlineCMS
 CVE-2009-4580 (Multiple cross-site scripting (XSS) vulnerabilities in Hasta Blog 2.3 ...)
-	TODO: check
+	NOT-FOR-US: Hasta Blog
 CVE-2009-4579 (Cross-site scripting (XSS) vulnerability in the Artist avenue ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4578 (Cross-site scripting (XSS) vulnerability in the Facileforms ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4577 (SQL injection vulnerability in the MDForum module 2.x through 2.07 for ...)
-	TODO: check
+	NOT-FOR-US: MDForum module for MAXdev MDPro
 CVE-2009-4576 (SQL injection vulnerability in the BeeHeard (com_beeheard) component ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4575 (Cross-site scripting (XSS) vulnerability in the Q-Personel ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4574 (SQL injection vulnerability in country_escorts.php in I-Escorts ...)
-	TODO: check
+	NOT-FOR-US: I-Escorts Directory Script
 CVE-2009-4573 (Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4572 (Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 ...)
-	TODO: check
+	NOT-FOR-US: PhpShop
 CVE-2009-4571 (Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 ...)
-	TODO: check
+	NOT-FOR-US: PhpShop
 CVE-2009-4570 (Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows ...)
-	TODO: check
+	NOT-FOR-US: PhpShop
 CVE-2009-4569 (SQL injection vulnerability in elkagroup Image Gallery allows remote ...)
 	TODO: check
 CVE-2009-4568 (Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and ...)
-	TODO: check
+	- webmin <itp> (bug #377948)
 CVE-2009-4567 (Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php ...)
-	TODO: check
+	NOT-FOR-US: Viscacha
 CVE-2009-4566 (SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Zenphoto
 CVE-2009-4564 (SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ...)
-	TODO: check
+	NOT-FOR-US: Zenphoto
 CVE-2009-4563 (Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zenphoto
 CVE-2009-4562 (Cross-site scripting (XSS) vulnerability in zp-core/admin.php in ...)
-	TODO: check
+	NOT-FOR-US: Zenphoto
 CVE-2009-4561 (Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague ...)
-	TODO: check
+	NOT-FOR-US: WebLeague
 CVE-2009-4560 (SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows ...)
-	TODO: check
+	NOT-FOR-US: WebLeague
 CVE-2009-4559 (Cross-site scripting (XSS) vulnerability in the Submitted By module ...)
 	TODO: check
 CVE-2009-4558 (The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before ...)
@@ -263,21 +263,21 @@
 CVE-2009-4557 (Cross-site scripting (XSS) vulnerability in the Image Assist module ...)
 	TODO: check
 CVE-2009-4556 (Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security ...)
-	TODO: check
+	NOT-FOR-US: Quick Heal products
 CVE-2009-4555 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: AgoraCart
 CVE-2009-4554 (Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums ...)
-	TODO: check
+	NOT-FOR-US: Snitz Forums
 CVE-2009-4553 (Stack-based buffer overflow in iRehearse allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: iRehearse
 CVE-2009-4552 (Cross-site scripting (XSS) vulnerability in the Survey Pro module for ...)
-	TODO: check
+	NOT-FOR-US: module for Miniweb
 CVE-2009-4551 (SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 ...)
-	TODO: check
+	NOT-FOR-US: module for Miniweb
 CVE-2009-4550 (SQL injection vulnerability in the Kunena Forum (com_kunena) component ...)
-	TODO: check
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4549 (Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote ...)
-	TODO: check
+	NOT-FOR-US: A2 Media Player Pro
 CVE-2009-4548 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk ...)
 	TODO: check
 CVE-2009-4547 (Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x ...)
@@ -479,7 +479,7 @@
 CVE-2009-4476 (Stack-based buffer overflow in HAURI ViRobot Desktop 5.5 before ...)
 	NOT-FOR-US: HAURI ViRobot Desktop
 CVE-2009-4475 (SQL injection vulnerability in the Joomlub (com_joomlub) component for ...)
-	NOT-FOR-US: Joomla! component
+	NOT-FOR-US: component for Joomla!
 CVE-2009-4474 (SQL injection vulnerability in the Mike de Boer zoom (com_zoom) ...)
 	NOT-FOR-US: Mambo component
 CVE-2009-4473 (Multiple cross-site scripting (XSS) vulnerabilities in ...)


