Author: fw
Date: 2007-06-02 07:41:37 +0000 (Sat, 02 Jun 2007)
New Revision: 5965

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-06-02 07:41:09 UTC (rev 5964)
+++ data/CVE/list       2007-06-02 07:41:37 UTC (rev 5965)
@@ -216,7 +216,7 @@
        - firefox <removed> (medium)
        - mozilla <removed> (medium)
 CVE-2007-2866 (Multiple SQL injection vulnerabilities in ...)
-       TODO: check
+       NOT-FOR-US: PHPEcho CMS
 CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in 
phpPgAdmin ...)
        - phppgadmin <unfixed> (low; bug #427151)
 CVE-2007-2864
@@ -224,46 +224,46 @@
 CVE-2007-2863
        RESERVED
 CVE-2007-2862 (Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might 
allow ...)
-       TODO: check
+       NOT-FOR-US: CubeCart
 CVE-2007-2861 (Multiple PHP remote file inclusion vulnerabilities in Simple 
...)
-       TODO: check
+       NOT-FOR-US: SAXON
 CVE-2007-2860 (user.php in BoastMachine 3.0 platinum allows remote 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: BoastMachine
 CVE-2007-2859 (Multiple PHP remote file inclusion vulnerabilities in SimpGB 
1.46.0 ...)
-       TODO: check
+       NOT-FOR-US: SimpGB
 CVE-2007-2858 (SQL injection vulnerability in the IP-Search functionality in 
the ...)
-       TODO: check
+       NOT-FOR-US: IP-Tracking Mod for phpBB
 CVE-2007-2857 (PHP remote file inclusion vulnerability in sample/xls2mysql in 
ABC ...)
-       TODO: check
+       NOT-FOR-US: ABC Excel Parser Pro
 CVE-2007-2856 (Buffer overflow in the Dart Communications PowerTCP ZIP 
Compression ...)
-       TODO: check
+       NOT-FOR-US: Dart Communications PowerTCP
 CVE-2007-2855 (Buffer overflow in a certain ActiveX control in DartZipLite.dll 
...)
-       TODO: check
+       NOT-FOR-US: Dart ZipLite
 CVE-2007-2854 (Multiple SQL injection vulnerabilities in account_change.php in 
...)
-       TODO: check
+       NOT-FOR-US: BtiTracker
 CVE-2007-2853 (The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in 
Virtual CD ...)
-       TODO: check
+       NOT-FOR-US: Virtual CD
 CVE-2007-2852 (Multiple stack-based buffer overflows in ESET NOD32 Antivirus 
before ...)
-       TODO: check
+       NOT-FOR-US: ESET NOD32 Antivirus
 CVE-2007-2851 (A certain ActiveX control in LeadTools Raster Variant Object 
Library ...)
-       TODO: check
+       NOT-FOR-US: LeadTools
 CVE-2007-2850 (The Session Reliability Service (XTE) in Citrix MetaFrame 
Presentation ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2007-2849 (KnowledgeTree Document Management (aka KnowledgeTree Open 
Source) ...)
-       TODO: check
+       NOT-FOR-US: KnowledgeTree
 CVE-2007-2848 (Stack-based buffer overflow in the SetPath function in the 
shComboBox ...)
-       TODO: check
+       NOT-FOR-US: Sky Software
 CVE-2007-2847 (Multiple cross-site scripting (XSS) vulnerabilities in 
hlstats.php in ...)
-       TODO: check
+       NOT-FOR-US: HLstats
 CVE-2007-2846 (Heap-based buffer overflow in the SIS unpacker in avast! 
Anti-Virus ...)
-       TODO: check
+       NOT-FOR-US: Avast
 CVE-2007-2845 (Heap-based buffer overflow in the CAB unpacker in avast! 
Anti-Virus ...)
-       TODO: check
+       NOT-FOR-US: Avast
 CVE-2007-2844 (PHP 4.x and 5.x before 5.2.1, when running on multi-threaded 
systems, ...)
        - php5 5.2.2-1 (low)
        - php4 <unfixed> (low)
 CVE-2007-2843 (Cross-domain vulnerability in Apple Safari 2.0.4 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: Apple Safari
        NOTE: Does not seem to work with Konqueror.
 CVE-2007-2842
        RESERVED
@@ -286,7 +286,7 @@
 CVE-2007-2833
        RESERVED
 CVE-2007-2832 (Cross-site scripting (XSS) vulnerability in the web application 
...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2007-2831 (Array index error in the (1) ieee80211_ioctl_getwmmparams and 
(2) ...)
        - madwifi-source <unfixed> (high)
 CVE-2007-2830 (The ath_beacon_config function in if_ath.c in MadWifi before 
0.9.3.1 ...)
@@ -294,19 +294,19 @@
 CVE-2007-2829 (The 802.11 network stack in net80211/ieee80211_input.c in 
MadWifi ...)
        - madwifi-source <unfixed> (medium)
 CVE-2007-2828 (Cross-site request forgery (CSRF) vulnerability in 
adsense-deluxe.php ...)
-       TODO: check
+       NOT-FOR-US: AdSense-Deluxe
 CVE-2007-2827 (Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS 
ActiveX ...)
-       TODO: check
+       NOT-FOR-US: LeadTools
 CVE-2007-2826 (PHP remote file inclusion vulnerability in lib/addressbook.php 
in ...)
-       TODO: check
+       NOT-FOR-US: Madirish Webmail
 CVE-2007-2825 (Multiple cross-site scripting (XSS) vulnerabilities in 
ReadMsg.php in ...)
-       TODO: check
+       NOT-FOR-US: @Mail
 CVE-2007-2824 (SQL injection vulnerability in paypal.php in AlstraSoft 
E-Friends 4.21 ...)
-       TODO: check
+       NOT-FOR-US: AlstraSoft E-Friends
 CVE-2007-2823 (Multiple buffer overflows in HT Editor before 2.0.6 might allow 
remote ...)
-       TODO: check
+       NOT-FOR-US: HT Editor
 CVE-2007-2822 (TutorialCMS 1.01 and earlier, when register_globals is enabled, 
allows ...)
-       TODO: check
+       NOT-FOR-US: TutorialCMS
 CVE-2007-2821 (SQL injection vulnerability in wp-admin/admin-ajax.php in 
WordPress ...)
        - wordpress 2.2-1 (high)
 CVE-2007-2820 (Multiple stack-based buffer overflows in the KSign KSignSWAT 
ActiveX ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to