thr3ads.net - Secure testing commits - [Secure-testing-commits] r11961

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-May-23 15:45 UTC

[Secure-testing-commits] r11961 - data/CVE

Author: derevko-guest
Date: 2009-05-23 15:45:49 +0000 (Sat, 23 May 2009)
New Revision: 11961

Modified:
   data/CVE/list
Log:
- NFUs
- CVE-2009-173{2,3}: ipplan is affected


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-23 13:49:51 UTC (rev 11960)
+++ data/CVE/list	2009-05-23 15:45:49 UTC (rev 11961)
@@ -47,21 +47,21 @@
 CVE-2009-1738 (Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x
before ...)
 	TODO: check
 CVE-2009-1737 (Directory traversal vulnerability in bom.php in MyPic 2.1 allows
...)
-	TODO: check
+	NOT-FOR-US: MyPic
 CVE-2009-1736 (SQL injection vulnerability in the GridSupport (GS) Ticket
System ...)
-	TODO: check
+	NOT-FOR-US: GridSupport component for Joomla
 CVE-2009-1735 (Cross-site scripting (XSS) vulnerability in search.php in
VidSharePro ...)
-	TODO: check
+	NOT-FOR-US: VidSharePro
 CVE-2009-1734 (SQL injection vulnerability in listing_video.php in VidSharePro
allows ...)
-	TODO: check
+	NOT-FOR-US: VidSharePro
 CVE-2009-1733 (Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a
allows ...)
-	TODO: check
+	- ipplan <unfixed> (low; bug #530271)
 CVE-2009-1732 (Cross-site scripting (XSS) vulnerability in admin/usermanager in
IPlan ...)
-	TODO: check
+	- ipplan <unfixed> (low; bug #530271)
 CVE-2009-1731 (SQL injection vulnerability in panel/index.php in MLFFAT 2.1
allows ...)
-	TODO: check
+	NOT-FOR-US: MLFFAT
 CVE-2009-1730 (Multiple directory traversal vulnerabilities in NetMechanica
...)
-	TODO: check
+	NOT-FOR-US: NetDecision TFTP Server
 CVE-2009-1729 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java
System ...)
 	TODO: check
 CVE-2009-1728
@@ -165,9 +165,9 @@
 CVE-2009-1679
 	RESERVED
 CVE-2008-6813 (SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL
...)
-	TODO: check
+	NOT-FOR-US: phpWebNews
 CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2
allows ...)
-	TODO: check
+	NOT-FOR-US: phpWebNews
 CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority
magic ...)
 	- slim <unfixed> (low; bug #529306)
 CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in
packet.c ...)

Secure testing commits - May 2009 - r11961 - data/CVE

[Secure-testing-commits] r11961 - data/CVE