Author: geissert Date: 2009-12-10 16:15:16 +0000 (Thu, 10 Dec 2009) New Revision: 13504 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-09 21:14:22 UTC (rev 13503) +++ data/CVE/list 2009-12-10 16:15:16 UTC (rev 13504) @@ -1,23 +1,23 @@ CVE-2009-4236 (The process function in ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...) TODO: check CVE-2009-4234 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: Micronet Network Access Controller CVE-2009-4233 (Cross-site scripting (XSS) vulnerability in modules/mod_yj_whois.php ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4232 (The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4231 (Directory traversal vulnerability in as/lib/plugins.php in SweetRice ...) - TODO: check + NOT-FOR-US: SweetRice CVE-2009-4230 (Multiple stack-based buffer overflows in src/Task.cc in the FastCGI ...) TODO: check CVE-2009-4229 (Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active ...) TODO: check CVE-2009-4226 (Race condition in the IP module in the kernel in Sun OpenSolaris ...) - TODO: check + NOT-FOR-US: OpenSolaris kernel CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...) - TODO: check + NOT-FOR-US: PestPatrol CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...) - xfig <unfixed> TODO: check @@ -31,25 +31,25 @@ TODO: report bug, check affected versions NOTE: http://www.exploit-db.com/exploits/10338 CVE-2009-4224 (Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, ...) - TODO: check + NOT-FOR-US: SweetRice CVE-2009-4223 (PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web ...) - TODO: check + NOT-FOR-US: KR-Web CVE-2009-4222 (phpBazar 2.1.1fix and earlier does not require administrative ...) TODO: check CVE-2009-4221 (SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and ...) TODO: check CVE-2009-4220 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: PointComma CVE-2009-4219 (Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX ...) - TODO: check + NOT-FOR-US: Haihaisoft Universal Player CVE-2009-4218 (Multiple SQL injection vulnerabilities in files/login.asp in JiRo''s ...) - TODO: check + NOT-FOR-US: JiRo''s Banner System eXperience (JBSX) CVE-2009-4217 (SQL injection vulnerability in the Itamar Elharar MusicGallery ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4216 (Directory traversal vulnerability in funzioni/lib/menulast.php in ...) - TODO: check + NOT-FOR-US: klinza CVE-2009-4215 (Panda Global Protection 2010, Internet Security 2010, and Antivirus ...) - TODO: check + NOT-FOR-US: Panda CVE-2009-4213 RESERVED CVE-2009-4212 @@ -65,23 +65,23 @@ CVE-2009-4207 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...) TODO: check CVE-2009-4206 (SQL injection vulnerability in admin.link.modify.php in Million Dollar ...) - TODO: check + NOT-FOR-US: Million Dollar Text Links CVE-2009-4205 (Directory traversal vulnerability in admin.php in Flashlight Free ...) - TODO: check + NOT-FOR-US: Flashlight Free Edition CVE-2009-4204 (SQL injection vulnerability in read.php in Flashlight Free Edition ...) - TODO: check + NOT-FOR-US: Flashlight Free Edition CVE-2009-4203 (Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php ...) TODO: check CVE-2009-4202 (Directory traversal vulnerability in the Omilen Photo Gallery ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4201 (Multiple stack-based buffer overflows in Mp3 Tag Assistant ...) - TODO: check + NOT-FOR-US: Mp3 Tag Assistant Professional CVE-2009-4200 (SQL injection vulnerability in the Seminar (com_seminar) component ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4199 (Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos ...) - TODO: check + NOT-FOR-US: Joomla! component CVE-2009-4198 (SQL injection vulnerability in my_orders.php in MyMiniBill allows ...) - TODO: check + NOT-FOR-US: MyMiniBill CVE-2009-4197 (rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware ...) NOT-FOR-US: Huawei MT882 V100R002B020 CVE-2009-4196 (Multiple cross-site scripting (XSS) vulnerabilities in multiple ...)