thr3ads.net - Secure testing commits - [Secure-testing-commits] r12158

If this information is useful, please help other people find it:
Share via:
Giuseppe Iuculano
2009-Jun-19 06:41 UTC
[Secure-testing-commits] r12158 - data/CVE

Author: derevko-guest
Date: 2009-06-19 06:41:07 +0000 (Fri, 19 Jun 2009)
New Revision: 12158

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-06-18 21:14:13 UTC (rev 12157)
+++ data/CVE/list	2009-06-19 06:41:07 UTC (rev 12158)
@@ -1,29 +1,29 @@
 CVE-2009-2107 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
-	TODO: check
+	NOT-FOR-US: Webmedia Explorer
 CVE-2009-2106 (SQL injection vulnerability in the Virtual Civil Services
(civserv) ...)
-	TODO: check
+	NOT-FOR-US: Virtual Civil Services extension for TYPO3
 CVE-2009-2105 (SQL injection vulnerability in the References database
(t3references) ...)
-	TODO: check
+	NOT-FOR-US: References database extension for TYPO3
 CVE-2009-2104 (Cross-site scripting (XSS) vulnerability in the Modern Guestbook
/ ...)
-	TODO: check
+	NOT-FOR-US: Modern Guestbook extension for TYPO3
 CVE-2009-2103 (SQL injection vulnerability in the Frontend MP3 Player
(fe_mp3player) ...)
-	TODO: check
+	NOT-FOR-US: Frontend MP3 Player extension for TYPO3
 CVE-2009-2102 (SQL injection vulnerability in the Jumi (com_jumi) component
2.0.3 and ...)
-	TODO: check
+	NOT-FOR-US: Jumi component for Joomla
 CVE-2009-2101 (Directory traversal vulnerability in archive.php in TorrentVolve
1.4, ...)
-	TODO: check
+	NOT-FOR-US: TorrentVolve
 CVE-2009-2100 (Directory traversal vulnerability in the JoomlaPraise
Projectfork ...)
-	TODO: check
+	NOT-FOR-US: JoomlaPraise component for Joomla
 CVE-2009-2099 (SQL injection vulnerability in the iJoomla RSS Feeder ...)
-	TODO: check
+	NOT-FOR-US: iJoomla RSS Feeder component for Joomla
 CVE-2009-2098 (SQL injection vulnerability in topicler.php in phPortal 1.0
allows ...)
-	TODO: check
+	NOT-FOR-US: phPortal
 CVE-2009-2097 (SQL injection vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zoki Catalog
 CVE-2009-2096 (SQL injection vulnerability in house/listing_view.php in ...)
-	TODO: check
+	NOT-FOR-US: phpCollegeExchange
 CVE-2009-2095 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Mundi Mail
 CVE-2009-2094
 	RESERVED
 CVE-2009-2093
@@ -47,25 +47,25 @@
 CVE-2009-2084 (Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3
...)
 	TODO: check
 CVE-2009-2083 (Cross-site scripting (XSS) vulnerability in the term data detail
page ...)
-	TODO: check
+	NOT-FOR-US: Taxonomy
 CVE-2009-2082 (SQL injection vulnerability in insidepage.php in Creative Web
...)
-	TODO: check
+	NOT-FOR-US: Creative Web Solutions Multi-Level CMS
 CVE-2009-2081 (Directory traversal vulnerability in help.php in phpWebThings
1.5.2 ...)
-	TODO: check
+	NOT-FOR-US: phpWebThings
 CVE-2009-2080 (admin.php in MRCGIGUY The Ticket System 2.0 does not properly
restrict ...)
-	TODO: check
+	NOT-FOR-US: MRCGIGUY
 CVE-2009-2079 (Cross-site scripting (XSS) vulnerability in the administrative
page ...)
-	TODO: check
+	NOT-FOR-US: Taxonomy
 CVE-2009-2078 (Multiple cross-site scripting (XSS) vulnerabilities in Booktree
5.x ...)
-	TODO: check
+	NOT-FOR-US: Booktree module for drupal
 CVE-2009-2077 (Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote
...)
-	TODO: check
+	NOT-FOR-US: Views module for Drupal
 CVE-2009-2076 (Cross-site scripting (XSS) vulnerability in Views 6.x before
6.x-2.6, ...)
-	TODO: check
+	NOT-FOR-US: Views module for Drupal
 CVE-2009-2075 (Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module
for ...)
-	TODO: check
+	NOT-FOR-US: Nodequeue module for Drupal
 CVE-2009-2074 (Cross-site scripting (XSS) vulnerability in Nodequeue 5.x before
...)
-	TODO: check
+	NOT-FOR-US: Nodequeue module for Drupal
 CVE-2009-XXXX [backuppc: web frontend installed insecurely by default]
 	- backuppc 3.1.0-6
 	[lenny] - backuppc 3.1.0-4lenny1
@@ -102,7 +102,7 @@
 CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before
...)
 	- chromium-browser <itp> (bug #520324)
 CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to
determine ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine
the ...)
 	NOT-FOR-US: Apple Safari
 CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header
to ...)
@@ -219,7 +219,7 @@
 CVE-2009-2012 (Unspecified vulnerability in idmap in Sun OpenSolaris snv_88
through ...)
 	NOT-FOR-US: OpenSolaris
 CVE-2009-2011 (Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and
...)
-	TODO: check
+	NOT-FOR-US: Worldweaver DX Studio Player
 CVE-2009-2010 (Multiple SQL injection vulnerabilities in Haudenschilt Family
...)
 	NOT-FOR-US: Haudenschilt Family Connections CMS
 CVE-2009-2009 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos
1.8.5, ...)
@@ -829,7 +829,7 @@
 	TODO: file bug
 	NOTE: see the portions of code of #530178
 CVE-2009-1761 (The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for
...)
-	TODO: check
+	NOT-FOR-US: CA ARCserve Backup
 CVE-2009-1760 (Directory traversal vulnerability in src/torrent_info.cpp in
Rasterbar ...)
 	{DSA-1815-1}
 	- libtorrent-rasterbar 0.14.4-1 (medium)
@@ -913,7 +913,7 @@
 CVE-2009-1720
 	RESERVED
 CVE-2009-1719 (The Aqua Look and Feel for Java implementation in Java 1.5 on
Mac OS X ...)
-	TODO: check
+	NOT-FOR-US: Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X
 CVE-2009-1718 (WebKit in Apple Safari before 4.0 allows user-assisted remote
...)
 	TODO: check
 CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before
10.5.7 ...)
Secure testing commits - Jun 2009 - r12158 - data/CVE

[Secure-testing-commits] r12158 - data/CVE
