[Secure-testing-commits] r15394 - data/CVE
James Strandboge
jamie-guest at alioth.debian.org
Wed Sep 29 21:53:33 UTC 2010
Author: jamie-guest
Date: 2010-09-29 21:53:32 +0000 (Wed, 29 Sep 2010)
New Revision: 15394
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-29 21:16:24 UTC (rev 15393)
+++ data/CVE/list 2010-09-29 21:53:32 UTC (rev 15394)
@@ -1,3 +1,7 @@
+CVE-2010-3688
+ NOT-FOR-US: NetArtMEDIA WebSiteAdmin
+CVE-2010-3684
+ NOT-FOR-US: Synology Disk Station
CVE-2010-3683
RESERVED
CVE-2010-3682
@@ -189,21 +193,21 @@
- piwigo 2.1.2-2
NOTE: http://www.exploit-db.com/exploits/14973/
CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
- TODO: check
+ NOT-FOR-US: wpQuiz
CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...)
- TODO: check
+ NOT-FOR-US: NetArt MEDIA Real Estate Portal
CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in ...)
- TODO: check
+ NOT-FOR-US: NetArt MEDIA Real Estate Portal
CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
TODO: check
CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and ...)
TODO: check
CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager ...)
- TODO: check
+ NOT-FOR-US: mojoPortal
CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...)
- TODO: check
+ NOT-FOR-US: mojoPortal
CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...)
- TODO: check
+ NOT-FOR-US: ibPhotohost
CVE-2010-3499
RESERVED
CVE-2010-3498
@@ -223,7 +227,7 @@
CVE-2010-3491
RESERVED
CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
- TODO: check
+ NOT-FOR-US: System Recordings component in the configuration interface in FreePBX
CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: CMS Digital Workroom
CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote ...)
@@ -467,7 +471,7 @@
CVE-2010-3469
RESERVED
CVE-2010-3468
- RESERVED
+ NOT-FOR-US: Mura CMS
CVE-2009-5002 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
NOT-FOR-US: IBM FileNet P8 Application Engine
CVE-2009-5001 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...)
@@ -972,19 +976,19 @@
CVE-2010-3286
RESERVED
CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Network Node Manager
CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2010-3282
RESERVED
CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in ...)
- TODO: check
+ NOT-FOR-US: Alcatel-Lucent OmniVista
CVE-2010-3280 (The CCAgent option 9.0.8.4 and earlier in the management server (aka ...)
- TODO: check
+ NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
CVE-2010-3279 (The default configuration of the CCAgent option before 9.0.8.4 in the ...)
- TODO: check
+ NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center
CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...)
- php-apc <unfixed> (unimportant)
NOTE: vulnerable script is, mainly, for debugging purposes
@@ -999,7 +1003,7 @@
CVE-2010-3278 (Multiple buffer overflows in the Novell Client novfs module for the ...)
NOT-FOR-US: novfs kernel module (only included in SUSE it seems)
CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...)
- TODO: check
+ NOT-FOR-US: VMware Workstation
CVE-2010-3276
RESERVED
CVE-2010-3275
@@ -1032,7 +1036,7 @@
CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
NOT-FOR-US: flock
CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...)
- TODO: check
+ NOT-FOR-US: RSA Authentication Agent 7.0 for Web
CVE-2010-3260
RESERVED
CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read access ...)
@@ -3007,7 +3011,7 @@
CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...)
- php5 <unfixed> (low)
CVE-2010-2530
- RESERVED
+ NOT-FOR-US: NetBSD
CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...)
- iputils 3:20100418-2
[lenny] - iputils 3:20071127-1+lenny1
@@ -3210,7 +3214,7 @@
NOTE: address bar to be spoofed in either webkit or chrome
NOTE: this will be address in iceweasel in cve-2010-1206
CVE-2010-2453
- RESERVED
+ NOT-FOR-US: Synology Disk Station
CVE-2009-4909 (admin/index.php in oBlog allows remote attackers to conduct ...)
NOT-FOR-US: oBlog
CVE-2009-4908 (Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow ...)
More information about the Secure-testing-commits
mailing list