[Secure-testing-commits] r15051 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Thu Jul 29 01:42:00 UTC 2010 

Author: jmm-guest
Date: 2010-07-29 01:42:00 +0000 (Thu, 29 Jul 2010)
New Revision: 15051

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-07-29 00:53:05 UTC (rev 15050)
+++ data/CVE/list	2010-07-29 01:42:00 UTC (rev 15051)
@@ -74,39 +74,39 @@
 CVE-2010-2860
 	RESERVED
 CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
-	TODO: check
+	NOT-FOR-US: TotalCalendar
 CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows ...)
-	TODO: check
+	NOT-FOR-US: TotalCalendar
 CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...)
-	TODO: check
+	NOT-FOR-US: SimpleID
 CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...)
-	TODO: check
+	NOT-FOR-US: AJAX Chat 
 CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: KSP
 CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension ...)
-	TODO: check
+	NOT-FOR-US: Typo3 addon
 CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Fat Player
 CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration ...)
-	TODO: check
+	NOT-FOR-US: Lanai Core
 CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in ...)
-	TODO: check
+	NOT-FOR-US: Lanai Core
 CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ...)
-	TODO: check
+	NOT-FOR-US: T3M E-Mail Marketing Tool
 CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breader Manager allows ...)
-	TODO: check
+	NOT-FOR-US: EMO Breader Manager
 CVE-2010-XXXX [mediawiki XSS and data leakage]
 	- mediawiki <unfixed>
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
@@ -314,29 +314,29 @@
 CVE-2010-2773
 	RESERVED
 CVE-2010-2772 (Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded ...)
-	TODO: check
+	NOT-FOR-US: SCADA
 CVE-2010-2771 (solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: IBM solidDB
 CVE-2009-4945 (AdPeeps 8.5d1 has a default password of admin for the admin account, ...)
-	TODO: check
+	NOT-FOR-US: AdPeeps
 CVE-2009-4944 (Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab ...)
-	TODO: check
+	NOT-FOR-US: ATRC ACollab
 CVE-2009-4943 (index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: AdPeeps
 CVE-2009-4942 (Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows ...)
-	TODO: check
+	NOT-FOR-US: ATRC ACollab
 CVE-2009-4941 (Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ...)
-	TODO: check
+	NOT-FOR-US: ATRC ACollab
 CVE-2009-4940 (SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Zeus Cart
 CVE-2009-4939 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: AdPeeps
 CVE-2009-4938 (SQL injection vulnerability in the JVideo! (com_jvideo) component ...)
-	TODO: check
+	NOT-FOR-US: JVideo
 CVE-2009-4937 (Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 ...)
-	TODO: check
+	NOT-FOR-US: SPirate
 CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 ...)
-	TODO: check
+	NOT-FOR-US: SPirate
 CVE-2010-XXXX [mapserver: buffer overflow in msTmpFile()]
 	- mapserver 5.6.4-1 (low)
 	NOTE: CVE id requested
@@ -496,9 +496,9 @@
 CVE-2010-2705
 	RESERVED
 CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
-	TODO: check
+	NOT-FOR-US: HP OpenView 
 CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll ...)
-	TODO: check
+	NOT-FOR-US: HP OpenView 
 CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...)
 	NOT-FOR-US: Unreal engine
 CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...)

More information about the Secure-testing-commits mailing list