Author: jmm-guest Date: 2010-07-29 01:42:00 +0000 (Thu, 29 Jul 2010) New Revision: 15051 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-07-29 00:53:05 UTC (rev 15050) +++ data/CVE/list 2010-07-29 01:42:00 UTC (rev 15051) @@ -74,39 +74,39 @@ CVE-2010-2860 RESERVED CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...) - TODO: check + NOT-FOR-US: TotalCalendar CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows ...) - TODO: check + NOT-FOR-US: TotalCalendar CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...) - TODO: check + NOT-FOR-US: SimpleID CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...) - TODO: check + NOT-FOR-US: AJAX Chat CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...) - TODO: check + NOT-FOR-US: KSP CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension ...) - TODO: check + NOT-FOR-US: Typo3 addon CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...) - TODO: check + NOT-FOR-US: Fat Player CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration ...) - TODO: check + NOT-FOR-US: Lanai Core CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in ...) - TODO: check + NOT-FOR-US: Lanai Core CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ...) - TODO: check + NOT-FOR-US: T3M E-Mail Marketing Tool CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breader Manager allows ...) - TODO: check + NOT-FOR-US: EMO Breader Manager CVE-2010-XXXX [mediawiki XSS and data leakage] - mediawiki <unfixed> NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html @@ -314,29 +314,29 @@ CVE-2010-2773 RESERVED CVE-2010-2772 (Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded ...) - TODO: check + NOT-FOR-US: SCADA CVE-2010-2771 (solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to ...) - TODO: check + NOT-FOR-US: IBM solidDB CVE-2009-4945 (AdPeeps 8.5d1 has a default password of admin for the admin account, ...) - TODO: check + NOT-FOR-US: AdPeeps CVE-2009-4944 (Multiple cross-site scripting (XSS) vulnerabilities in ATRC ACollab ...) - TODO: check + NOT-FOR-US: ATRC ACollab CVE-2009-4943 (index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: AdPeeps CVE-2009-4942 (Cross-site request forgery (CSRF) vulnerability in ACollab 1.2 allows ...) - TODO: check + NOT-FOR-US: ATRC ACollab CVE-2009-4941 (Cross-site scripting (XSS) vulnerability in sign_in.php in ATRC ...) - TODO: check + NOT-FOR-US: ATRC ACollab CVE-2009-4940 (SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier ...) - TODO: check + NOT-FOR-US: Zeus Cart CVE-2009-4939 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: AdPeeps CVE-2009-4938 (SQL injection vulnerability in the JVideo! (com_jvideo) component ...) - TODO: check + NOT-FOR-US: JVideo CVE-2009-4937 (Cross-site scripting (XSS) vulnerability in Small Pirate (SPirate) 2.1 ...) - TODO: check + NOT-FOR-US: SPirate CVE-2009-4936 (Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 ...) - TODO: check + NOT-FOR-US: SPirate CVE-2010-XXXX [mapserver: buffer overflow in msTmpFile()] - mapserver 5.6.4-1 (low) NOTE: CVE id requested @@ -496,9 +496,9 @@ CVE-2010-2705 RESERVED CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll ...) - TODO: check + NOT-FOR-US: HP OpenView CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...) NOT-FOR-US: Unreal engine CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...)