Secure testing commits - Oct 2007 - r7004 - data/CVE

Author: nion
Date: 2007-10-18 13:40:02 +0000 (Thu, 18 Oct 2007)
New Revision: 7004

Modified:
   data/CVE/list
Log:
CVE-2007-5481 dcc not-affected
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-18 12:36:44 UTC (rev 7003)
+++ data/CVE/list	2007-10-18 13:40:02 UTC (rev 7004)
@@ -103,31 +103,31 @@
 CVE-2007-5490 (SQL injection vulnerability in default.asp in Okul Otomasyon
Portal ...)
 	NOT-FOR-US: Okul Otomasyon Portal
 CVE-2007-5489 (Directory traversal vulnerability in index.php in Artmedic CMS
3.4 and ...)
-	TODO: check
+	NOT-FOR-US: Artmedic CMS
 CVE-2007-5487 (Stack-based buffer overflow in COWON America jetAudio Basic
7.0.3 ...)
-	TODO: check
+	NOT-FOR-US: COWON America jetAudioc
 CVE-2007-5486 (dotProject before 2.1 does not properly check privileges when
invoking ...)
-	TODO: check
+	NOT-FOR-US: dotProject
 CVE-2007-5485 (SQL injection vulnerability in index.php in the mg2 1.0 module
for ...)
-	TODO: check
+	NOT-FOR-US: KwsPHP
 CVE-2007-5484 (Directory traversal vulnerability in wxis.exe in WWWISIS 7.1
allows ...)
-	TODO: check
+	NOT-FOR-US: WWWISIS
 CVE-2007-5483 (Unspecified vulnerability in the Administrative Scripting Tools
(such ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2007-5482 (Unspecified vulnerability in the FTP service in Sun ...)
-	TODO: check
+	NOT-FOR-US: Sun firmware
 CVE-2007-5481 (Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote
...)
-	TODO: check
+	- dcc <not-affected> (vulnerable code introduced in 1.3.65)
 CVE-2007-5480 (Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge
...)
-	TODO: check
+	NOT-FOR-US: ZInnovaAge InnovaShop
 CVE-2007-5479 (Cross-site scripting (XSS) vulnerability in Search.asp in
Xcomputer ...)
-	TODO: check
+	NOT-FOR-US: Xcomputer
 CVE-2007-5478 (Cross-site scripting (XSS) vulnerability in projects in Nabh
...)
-	TODO: check
+	NOT-FOR-US: Sbportal
 CVE-2007-5477 (Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net
WebMod ...)
-	TODO: check
+	NOT-FOR-US: djeyl.net WebMod
 CVE-2007-5476 (Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and
earlier, ...)
-	TODO: check
+	NOT-FOR-US: Opera specific flash vulnerability
 CVE-2007-5475
 	RESERVED
 CVE-2007-5474
@@ -161,13 +161,13 @@
 CVE-2003-1362 (Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly
...)
 	TODO: check
 CVE-2003-1361 (Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of
Tivoli ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2003-1360 (Buffer overflow in the setupterm function of (1) lanadmin and
(2) ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2003-1359 (Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22
allows ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2003-1358 (rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment
...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2007-5488 (Multiple SQL injection vulnerabilities in cdr_addon_mysql in
...)
 	- asterisk-addons 1.4.4-1
 CVE-2007-5471 (libgssapi before 0.6-13.7, as used by the ISC BIND named daemon
in ...)