[Secure-testing-commits] r14783 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Jun 2 18:47:22 UTC 2010 

Author: jmm-guest
Date: 2010-06-02 18:47:14 +0000 (Wed, 02 Jun 2010)
New Revision: 14783

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-06-02 18:00:07 UTC (rev 14782)
+++ data/CVE/list	2010-06-02 18:47:14 UTC (rev 14783)
@@ -1,5 +1,5 @@
 CVE-2010-XXXX [rpm setuid handling]
-	- rpm <unfixed> (bug filed; unimportant)
+	- rpm <unfixed> (bug #584257; unimportant)
 	NOTE: Marking as unimportant since rpm isn't used as a package manager
 CVE-2010-2116 (The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 ...)
 	TODO: check
@@ -89,11 +89,11 @@
 CVE-2009-4876 (admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify ...)
 	NOT-FOR-US: Netrix CMS
 CVE-2009-4875 (FCKeditor.Java 2.4 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: FCKeditor.Java, different than fckeditor in the archive
 CVE-2009-4874 (TalkBack 2.3.14 does not properly restrict access to the edit comment ...)
-	TODO: check
+	NOT-FOR-US: TalkBack
 CVE-2009-4873 (Stack-based buffer overflow in the HTTP server in Rhino Software ...)
-	TODO: check
+	NOT-FOR-US: Rhino Software Serv-U Web Client
 CVE-2010-2079 (DataTrack System 3.5 allows remote attackers to bypass intended ...)
 	NOT-FOR-US: DataTrack System
 CVE-2010-2078 (DataTrack System 3.5 allows remote attackers to list the root ...)
@@ -152,43 +152,43 @@
 	RESERVED
 	- zonecheck 2.1.1-1 (bug #583290)
 CVE-2010-2051 (SQL injection vulnerability in article.php in Debliteck DBCart allows ...)
-	TODO: check
+	NOT-FOR-US: Debliteck DBCart
 CVE-2010-2050 (Directory traversal vulnerability in the Moron Solutions MS Comment ...)
-	TODO: check
+	NOT-FOR-US: Moron Solutions MS Comment
 CVE-2010-2049 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ManageEngine ADAudit Plus
 CVE-2010-2048 (Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat ...)
-	TODO: check
+	NOT-FOR-US: Heartbeat module for Drupal
 CVE-2010-2047 (SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 ...)
-	TODO: check
+	NOT-FOR-US: JE CMS
 CVE-2010-2046 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: ActiveHelper LiveHelp for Joomla 
 CVE-2010-2045 (Directory traversal vulnerability in the Dione Form Wizard (aka FDione ...)
-	TODO: check
+	NOT-FOR-US: Dione Form Wizard
 CVE-2010-2044 (SQL injection vulnerability in the Konsultasi (com_konsultasi) ...)
-	TODO: check
+	NOT-FOR-US: Konsultasi for Joomla 
 CVE-2010-2043 (Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack ...)
-	TODO: check
+	NOT-FOR-US: DataTrack System 
 CVE-2010-2042 (SQL injection vulnerability in search.php in ECShop 2.7.2 allows ...)
-	TODO: check
+	NOT-FOR-US: ECShop
 CVE-2010-2041 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: PHP-Calendar
 CVE-2010-2040 (Cross-site scripting (XSS) vulnerability in search.php in V-EVA ...)
-	TODO: check
+	NOT-FOR-US: V-EVA Shopzilla script
 CVE-2010-2039 (Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, ...)
-	TODO: check
+	NOT-FOR-US: gpEasy CMS
 CVE-2010-2038 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: gpEasy CMS
 CVE-2010-2037 (Directory traversal vulnerability in the Percha Downloads Attach ...)
-	TODO: check
+	NOT-FOR-US: Percha
 CVE-2010-2036 (Directory traversal vulnerability in the Percha Fields Attach ...)
-	TODO: check
+	NOT-FOR-US: Percha
 CVE-2010-2035 (Directory traversal vulnerability in the Percha Gallery ...)
-	TODO: check
+	NOT-FOR-US: Percha
 CVE-2010-2034 (Directory traversal vulnerability in the Percha Image Attach ...)
-	TODO: check
+	NOT-FOR-US: Percha
 CVE-2010-2033 (Directory traversal vulnerability in the Percha Multicategory Article ...)
-	TODO: check
+	NOT-FOR-US: Percha
 CVE-2010-2032 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: Caucho Technology Resin Professional
 CVE-2010-2031 (KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield ...)

More information about the Secure-testing-commits mailing list