Author: white
Date: 2009-02-05 21:42:38 +0000 (Thu, 05 Feb 2009)
New Revision: 11156
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-05 21:14:14 UTC (rev 11155)
+++ data/CVE/list 2009-02-05 21:42:38 UTC (rev 11156)
@@ -1,75 +1,75 @@
CVE-2009-0431 (SQL injection vulnerability in Default.asp in LinksPro Standard
...)
- TODO: check
+ NOT-FOR-US: LinksPro
CVE-2009-0430 (Multiple cross-site scripting (XSS) vulnerabilities in Active
Bids ...)
- TODO: check
+ NOT-FOR-US: Active Bids
CVE-2009-0429 (Multiple SQL injection vulnerabilities in Active Bids allow
remote ...)
- TODO: check
+ NOT-FOR-US: Active Bids
CVE-2009-0428 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: DMXReady Secure Document
CVE-2009-0427 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: DMXReady Secure Document
CVE-2009-0426 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: DMXReady Secure Document
CVE-2009-0425 (SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0
and ...)
- TODO: check
+ NOT-FOR-US: Blue Eye CMS
CVE-2009-0424 (Cross-site scripting (XSS) vulnerability in sign1.php in AN
Guestbook ...)
- TODO: check
+ NOT-FOR-US: AN Guestbook
CVE-2009-0423 (Directory traversal vulnerability in index.php in Php Photo
Album ...)
- TODO: check
+ NOT-FOR-US: Php Photo Album
CVE-2009-0422 (Dynamic variable evaluation vulnerability in lists/admin.php in
...)
- TODO: check
+ NOT-FOR-US: phpList
CVE-2009-0421 (SQL injection vulnerability in the Eventing (com_eventing)
1.6.x ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2009-0420 (SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5
Stable ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2009-0419 (Microsoft XML Core Services, as used in Microsoft Expression
Web, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2009-0418 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP
HP-UX ...)
- TODO: check
+ NOT-FOR-US: HP HP-UX
CVE-2008-6067 (SQL injection vulnerability in search_results.php in E-Shop
Shopping ...)
- TODO: check
+ NOT-FOR-US: E-Shop Shopping Cart
CVE-2008-6066 (Multiple PHP remote file inclusion vulnerabilities in Meet#Web
0.8 ...)
- TODO: check
+ NOT-FOR-US: Meet#Web
CVE-2008-6065 (Oracle Database Server 10.1, 10.2, and 11g grants directory
WRITE ...)
- TODO: check
+ NOT-FOR-US: Oracle Database Server
CVE-2008-6064 (Multiple SQL injection vulnerabilities in DomPHP 0.81 allow
remote ...)
- TODO: check
+ NOT-FOR-US: DomPHP
CVE-2008-6063 (Microsoft Word 2007, when the "Save as PDF" add-on is
enabled, places ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-6062 (Cross-site scripting (XSS) vulnerability in ActionScript in
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Adobe Dreamweaver
CVE-2008-6061 (Cross-site scripting (XSS) vulnerability in ActionScript in
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Techsmith Camtasia Studio
CVE-2008-6060 (Cross-site scripting (XSS) vulnerability in ActionScript in
arbitrary ...)
- TODO: check
+ NOT-FOR-US: InfoSoft FusionCharts
CVE-2008-6059 (xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does
not ...)
TODO: check
CVE-2008-6058 (Syslserve 1.058 and earlier, and probably 1.059, allows remote
...)
- TODO: check
+ NOT-FOR-US: Syslserve
CVE-2008-6057 (Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb
under ...)
- TODO: check
+ NOT-FOR-US: Doug Luxem Liberum Help Desk
CVE-2008-6056 (Multiple cross-site scripting (XSS) vulnerabilities in World
Recipe ...)
- TODO: check
+ NOT-FOR-US: World Recipe
CVE-2008-6055 (PreProjects Pre Classified Listings stores pclasp.mdb under the
web ...)
- TODO: check
+ NOT-FOR-US: PreProjects Pre Classified Listings
CVE-2008-6054 (PreProjects Pre Courier and Cargo Business stores dbcourior.mdb
under ...)
- TODO: check
+ NOT-FOR-US: PreProjects Pre Classified Listings
CVE-2008-6053 (PreProjects Pre Resume Submitter stores onlineresume.mdb under
the web ...)
- TODO: check
+ NOT-FOR-US: PreProjects Pre Classified Listings
CVE-2008-6052 (PreProjects Pre E-Learning Portal stores db_elearning.mdb under
the ...)
- TODO: check
+ NOT-FOR-US: PreProjects Pre Classified Listings
CVE-2008-6051 (MetaCart Free stores metacart.mdb under the web root with
insufficient ...)
- TODO: check
+ NOT-FOR-US: MetaCart Free
CVE-2008-6050 (SQL injection vulnerability in the Tech Articles
(com_tech_article) ...)
- TODO: check
+ NOT-FOR-US: Tech Articles
CVE-2008-6049 (SQL injection vulnerability in index.php in TinyMCE 2.0.1
allows ...)
TODO: check
CVE-2008-6048 (Multiple cross-site request forgery (CSRF) vulnerabilities in
TangoCMS ...)
- TODO: check
+ NOT-FOR-US: TangoCMS
CVE-2008-6047 (Cross-site scripting (XSS) vulnerability in ADbNewsSender
before 1.5.2 ...)
- TODO: check
+ NOT-FOR-US: ADbNewsSender
CVE-2008-6046 (SQL injection vulnerability in ADbNewsSender before 1.5.2
allows ...)
- TODO: check
+ NOT-FOR-US: ADbNewsSender
CVE-2009-0417
RESERVED
CVE-2009-0416 (The SSL certificate setup program (genSslCert.sh) in Standards
Based ...)
@@ -563,13 +563,13 @@
- moin 1.8.1-1.1 (low)
NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
CVE-2009-0276 (Cross-domain vulnerability in the V8 JavaScript engine in
Google ...)
- TODO: check
+ NOT-FOR-US: Google Chrome
CVE-2009-0274 (Unspecified vulnerability in WebAccess in Novell GroupWise 6.5,
7.0, ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2009-0273 (Multiple cross-site scripting (XSS) vulnerabilities in Novell
...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2009-0272 (Cross-site request forgery (CSRF) vulnerability in Novell
GroupWise ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2009-0269 (fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux
kernel ...)
- linux-2.6 <unfixed>
[etch] - linux-2.6 <not-affected> (ecryptfs was merged in 2.6.19)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
