[Secure-testing-commits] r13847 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sun Jan 17 16:30:23 UTC 2010
Author: derevko-guest
Date: 2010-01-17 16:30:22 +0000 (Sun, 17 Jan 2010)
New Revision: 13847
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-17 13:56:36 UTC (rev 13846)
+++ data/CVE/list 2010-01-17 16:30:22 UTC (rev 13847)
@@ -31,75 +31,75 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
TODO: file bug, check affected versions
CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 ...)
- TODO: check
+ NOT-FOR-US: WebCalenderC3
CVE-2010-0348 (Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and ...)
- TODO: check
+ NOT-FOR-US: WebCalenderC3
CVE-2010-0347 (Cross-site scripting (XSS) vulnerability in the VD / Geomap ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0346 (Cross-site scripting (XSS) vulnerability in the Tip many friends ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0345 (Cross-site scripting (XSS) vulnerability in the Majordomo extension ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0344 (SQL injection vulnerability in the zak_store_management extension ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0343 (SQL injection vulnerability in the Clan Users List (pb_clanlist) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0342 (SQL injection vulnerability in the Reports for Job (job_reports) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0341 (SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0340 (SQL injection vulnerability in the MJS Event Pro (mjseventpro) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0339 (SQL injection vulnerability in the User Links (vm19_userlinks) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0338 (SQL injection vulnerability in the TT_Products editor (ttpedit) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0337 (SQL injection vulnerability in the tt_news Mail alert ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0336 (Unspecified vulnerability in the kiddog_mysqldumper ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0335 (Cross-site scripting (XSS) vulnerability in the Vote rank for news ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0334 (SQL injection vulnerability in the Vote rank for news ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0333 (SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0332 (SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0331 (Cross-site scripting (XSS) vulnerability in the TV21 Talkshow ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0330 (SQL injection vulnerability in the Googlemaps for tt_news ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0329 (SQL injection vulnerability in the powermail extension 1.5.1 and ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0328 (Cross-site scripting (XSS) vulnerability in the Unit Converter ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0327 (Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0326 (Cross-site scripting (XSS) vulnerability in the Developer log (devlog) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0325 (Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0324 (SQL injection vulnerability in the Customer Reference List (ref_list) ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0323 (Unspecified vulnerability in the Photo Book (goof_fotoboek) extension ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0322 (SQL injection vulnerability in the init function in MK-AnydropdownMenu ...)
- TODO: check
+ NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0321 (Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit ...)
- TODO: check
+ NOT-FOR-US: Jamit Job Board 3.0
CVE-2010-0320 (Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter ...)
- TODO: check
+ NOT-FOR-US: Glitter Central Script
CVE-2010-0319 (Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 ...)
- TODO: check
+ NOT-FOR-US: Docmint
CVE-2010-0318 (The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, ...)
TODO: check
CVE-2010-0317 (Novell Netware 6.5 SP8 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2010-0316 (Integer overflow in Google SketchUp before 7.1 M2 allows remote ...)
- TODO: check
+ NOT-FOR-US: Google SketchUp
CVE-2010-0315 (Google Chrome allows remote attackers to discover a redirect's target ...)
TODO: check
CVE-2010-0314 (Apple Safari allows remote attackers to discover a redirect's target ...)
@@ -107,13 +107,13 @@
CVE-2010-0313 (The core_get_proxyauth_dn function in ns-slapd in Sun Java System ...)
TODO: check
CVE-2010-0312 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Directory Server
CVE-2010-0311 (Unspecified vulnerability in Sun Java System Identity Manager (aka ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Identity Manager
CVE-2010-0310 (Trusted Extensions in Sun Solaris 10 allows local users to gain ...)
- TODO: check
+ NOT-FOR-US: Trusted Extensions in Sun Solaris 10
CVE-2009-4613 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Real Estate Portal
CVE-2010-XXXX [zend framework multiple issues]
- zendframework 1.9.7-1
NOTE: http://framework.zend.com/security/advisory/ZF2010-01 - ZF2010-06
@@ -287,7 +287,7 @@
CVE-2010-0250
RESERVED
CVE-2010-0249 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0248
RESERVED
CVE-2010-0247
@@ -445,7 +445,7 @@
CVE-2010-0185
RESERVED
CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO ...)
- TODO: check
+ NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent
CVE-2010-0183
RESERVED
CVE-2010-0182
@@ -1396,7 +1396,7 @@
- eglibc 2.10.2-4 (medium; bug #560333)
- glibc <removed> (medium)
CVE-2010-0014 (System Security Services Daemon (SSSD) before 1.0.1, when the krb5 ...)
- TODO: check
+ NOT-FOR-US: sssd
CVE-2010-0013 (Directory traversal vulnerability in slp.c in the MSN protocol plugin ...)
- pidgin 2.6.5-1 (medium; bug #563206)
[lenny] - pidgin <not-affected> (vulnerable code not present)
@@ -1805,7 +1805,7 @@
CVE-2009-4183
RESERVED
CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a ...)
- TODO: check
+ NOT-FOR-US: HP Web Jetadmin
CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...)
NOT-FOR-US: HP OpenView Network Node Manager
CVE-2009-4180 (Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network ...)
@@ -2417,7 +2417,7 @@
CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and ...)
NOT-FOR-US: Adobe Reader and Acrobat 8.0
CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...)
- TODO: check
+ NOT-FOR-US: Adobe Illustrator
CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
NOT-FOR-US: ActiveX
CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...)
@@ -2943,7 +2943,7 @@
CVE-2009-3743
RESERVED
CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...)
- TODO: check
+ NOT-FOR-US: Liferay Portal
CVE-2009-3741
RESERVED
CVE-2009-3740
@@ -4008,19 +4008,19 @@
CVE-2009-3417 (SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 ...)
NOT-FOR-US: IDoBlog component Joomla
CVE-2009-3416 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3415 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-3414 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-3413 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-3412 (Unspecified vulnerability in the Unzip component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database and Oracle Application Server
CVE-2009-3411 (Unspecified vulnerability in the Oracle Data Pump component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-3410 (Unspecified vulnerability in the RDBMS component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-3409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-3408 (Unspecified vulnerability in the Oracle Application Object Library ...)
@@ -8662,7 +8662,7 @@
CVE-2009-1997 (Unspecified vulnerability in the Authentication component in Oracle ...)
NOT-FOR-US: Oracle Database
CVE-2009-1996 (Unspecified vulnerability in the Logical Standby component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1995 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
NOT-FOR-US: Oracle Database
CVE-2009-1994 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
More information about the Secure-testing-commits
mailing list