[Secure-testing-commits] r15369 - data/CVE

[Giuseppe Iuculano]

Author: iuculano
Date: 2010-09-23 16:46:04 +0000 (Thu, 23 Sep 2010)
New Revision: 15369

Modified:
   data/CVE/list
Log:
CVE-2010-3476 fixed in otrs2 2.4.8+dfsg1-1
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-09-23 16:28:14 UTC (rev 15368)
+++ data/CVE/list	2010-09-23 16:46:04 UTC (rev 15369)
@@ -205,7 +205,7 @@
 CVE-2010-3500
 	RESERVED
 CVE-2010-3476 (Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...)
-	TODO: check
+	- otrs2 2.4.8+dfsg1-1
 CVE-2010-3475 (IBM DB2 9.7 before FP3 does not properly enforce privilege ...)
 	NOT-FOR-US: IBM DB2
 CVE-2010-3474 (IBM DB2 9.7 before FP3 does not perform the expected drops or ...)
@@ -350,7 +350,7 @@
 CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: Invision Power Board
 CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...)
-	TODO: check
+	NOT-FOR-US: Yr Weatherdata module for Drupal
 CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...)
 	NOT-FOR-US: JGen for Joomla
 CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...)
@@ -730,7 +730,7 @@
 	- phpmyadmin 4:3.3.7-1 (low)
 	[lenny] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
-	TODO: check
+	NOT-FOR-US: flock
 CVE-2010-3261
 	RESERVED
 CVE-2010-3260
@@ -896,7 +896,7 @@
 	NOTE: poc didn't work.  may be windows-only
 	TODO: check with upstream
 CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 ...)
-	TODO: check
+	NOT-FOR-US: flock
 CVE-2010-3201
 	RESERVED
 CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote ...)