[Secure-testing-commits] r14285 - data/CVE

Nico Golde nion at alioth.debian.org
Wed Mar 17 15:19:02 UTC 2010 

Author: nion
Date: 2010-03-17 15:19:00 +0000 (Wed, 17 Mar 2010)
New Revision: 14285

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-17 14:56:45 UTC (rev 14284)
+++ data/CVE/list	2010-03-17 15:19:00 UTC (rev 14285)
@@ -1,48 +1,45 @@
-CVE-2010-XXXX [ikiwiki htmlscrubber XSS via svg images]
-	- ikiwiki 3.20100312 (low)
-	NOTE: CVE id requested on oss-sec
 CVE-2009-4718 (SQL injection vulnerability in visitorduration.php in Gonafish ...)
-	TODO: check
+	NOT-FOR-US: Gonafish WebStatCaffe
 CVE-2009-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish ...)
-	TODO: check
+	NOT-FOR-US: Gonafish WebStatCaffe
 CVE-2009-4716 (Cross-site scripting (XSS) vulnerability in results.php in EDGEPHP ...)
-	TODO: check
+	NOT-FOR-US: EDGEPHP EZWebSearch
 CVE-2009-4715 (Cross-site scripting (XSS) vulnerability in rates.php in Real Time ...)
-	TODO: check
+	NOT-FOR-US: Real Time Currency Exchange
 CVE-2009-4714 (Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2009-4713 (Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2009-4712 (SQL injection vulnerability in index.php in Tukanas Classifieds (aka ...)
-	TODO: check
+	NOT-FOR-US: EasyClassifieds
 CVE-2009-4711 (SQL injection vulnerability in the CoolURI (cooluri) extension before ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4710 (SQL injection vulnerability in the Reset backend password ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4709 (SQL injection vulnerability in the datamints Newsticker ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4708 (SQL injection vulnerability in the [Gobernalia] Front End News ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4707 (Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4706 (Cross-site scripting (XSS) vulnerability in the Mailform (mailform) ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4705 (Cross-site scripting (XSS) vulnerability in the Twitter Search ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4704 (Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4703 (SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4702 (SQL injection vulnerability in the Tour Extension (pm_tour) extension ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4701 (SQL injection vulnerability in the Myth download (myth_download) ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4700 (Directory traversal vulnerability in index.php in SkaDate Dating ...)
-	TODO: check
+	NOT-FOR-US: SkaDate Dating
 CVE-2009-4699 (Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating ...)
-	TODO: check
+	NOT-FOR-US: SkaDate Dating
 CVE-2009-4698 (Multiple SQL injection vulnerabilities in the Qas (aka Quas) module ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2010-0969 [unbound DoS on 64 bit platforms]
 	- unbound 1.4.3-1
 	[lenny] - unbound <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list