Secure testing commits - Mar 2008 - r8272 - data/CVE

Author: nion
Date: 2008-03-05 14:44:11 +0000 (Wed, 05 Mar 2008)
New Revision: 8272

Modified:
   data/CVE/list
Log:
NFUs
new smarty issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-03-05 14:22:17 UTC (rev 8271)
+++ data/CVE/list	2008-03-05 14:44:11 UTC (rev 8272)
@@ -131,33 +131,34 @@
 CVE-2008-1070 (The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5
through ...)
 	- wireshark <unfixed> (low; bug #469488)
 CVE-2008-1069 (Multiple PHP remote file inclusion vulnerabilities in Quantum
Game ...)
-	TODO: check
+	NOT-FOR-US: Quantum Game Library
 CVE-2008-1068 (Multiple PHP remote file inclusion vulnerabilities in Portail
Web Php ...)
-	TODO: check
+	NOT-FOR-US: Portail Web Php
 CVE-2008-1067 (Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin
2.2.7 ...)
-	TODO: check
+	- phpqladmin <removed>
 CVE-2008-1066 (The modifier.regex_replace.php plugin in Smarty before 2.6.19,
as used ...)
-	TODO: check
+	- smarty <unfixed> (low; bug #469492)
+	TODO: Check moodle
 CVE-2008-1065 (Multiple SQL injection vulnerabilities in index.php in the ...)
-	TODO: check
+	NOT-FOR-US: xmmemberstats module for XOOPS
 CVE-2008-1064 (Cross-site scripting (XSS) vulnerability in images.php in the
Red ...)
-	TODO: check
+	NOT-FOR-US: rmgs module for XOOPs
 CVE-2008-1063 (Cross-site scripting (XSS) vulnerability index.php in the ...)
-	TODO: check
+	NOT-FOR-US: xmmemberstats module for XOOPS
 CVE-2008-1062 (InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home
Theater ...)
-	TODO: check
+	NOT-FOR-US: InterVideo IMC Server/InterVideo Home Theater
 CVE-2008-1061 (Multiple cross-site scripting (XSS) vulnerabilities in the
Sniplets ...)
-	TODO: check
+	NOT-FOR-US: Sniplets plugin for WordPress
 CVE-2008-1060 (Eval injection vulnerability in modules/execute.php in the
Sniplets ...)
-	TODO: check
+	NOT-FOR-US: Sniplets plugin for WordPress
 CVE-2008-1059 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Sniplets plugin for WordPress
 CVE-2008-1058 (The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1
and 4.2 ...)
 	TODO: check
 CVE-2008-1057 (The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD
4.2 ...)
 	TODO: check
 CVE-2008-1056 (Multiple stack-based buffer overflows in Symark PowerBroker 2.8
...)
-	TODO: check
+	NOT-FOR-US: Symark PowerBroker
 CVE-2003-1545 (Absolute path traversal vulnerability in nukestyles.com
viewpage.php ...)
 	TODO: check
 CVE-2008-1111 [lighttpd sends cgi source if it fails to fork the cgi handler]