Secure testing commits - Oct 2007 - r7030 - data/CVE

Author: nion
Date: 2007-10-20 09:51:08 +0000 (Sat, 20 Oct 2007)
New Revision: 7030

Modified:
   data/CVE/list
Log:
NFUs
CVE-2007-5577 joomla has an itp


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-20 09:44:07 UTC (rev 7029)
+++ data/CVE/list	2007-10-20 09:51:08 UTC (rev 7030)
@@ -1,73 +1,73 @@
 CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code
when ...)
-	TODO: check
+	NOT-FOR-US: Pligg CMS
 CVE-2007-5578 (Basic Analysis and Security Engine (BASE) before 1.3.8 sends a
...)
-	TODO: check
+	NOT-FOR-US: BASE
 CVE-2007-5577 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla!
before ...)
-	TODO: check
+	- joomla <itp> (bug #326398)
 CVE-2007-5576 (BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic
...)
-	TODO: check
+	NOT-FOR-US: BEA Tuxedo
 CVE-2007-5575 (Cross-site request forgery (CSRF) vulnerability in 1024 CMS
1.2.5 ...)
-	TODO: check
+	NOT-FOR-US: 1024 CMS
 CVE-2007-5574 (PHP remote file inclusion vulnerability in djpage.php in PHPDJ
0.5 ...)
-	TODO: check
+	NOT-FOR-US: PHPDJPHPDJ
 CVE-2007-5573 (PHP remote file inclusion vulnerability in
classes/core/language.php ...)
-	TODO: check
+	NOT-FOR-US: LimeSurvey
 CVE-2007-5572 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Simple ...)
-	TODO: check
+	NOT-FOR-US: SPHPBlog
 CVE-2007-5571 (Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and
earlier, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Firewall Services Module
 CVE-2007-5570 (Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and
earlier, ...)
-	TODO: check
+	NOT-FOR-US: Cisco Firewall Services Module
 CVE-2007-5569 (Cisco PIX and ASA appliances with 7.1 and 7.2 software, when
...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5568 (Cisco PIX and ASA appliances with 7.0 through 8.0 software, and
Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5567 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Galmeta
 CVE-2007-5566 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: PHPBlog
 CVE-2007-5565 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: phpSCMS
 CVE-2007-5564 (Multiple cross-site scripting (XSS) vulnerabilities in NSSboard
...)
-	TODO: check
+	NOT-FOR-US: NSSboard
 CVE-2007-5563 (Unspecified vulnerability in VirtueMart before 1.0.13 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: VirtueMart
 CVE-2007-5562 (Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka
the ...)
-	TODO: check
+	NOT-FOR-US: Netgear firmware
 CVE-2007-5561 (Format string vulnerability in the logging function in the
Oracle OPMN ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2007-5560 (Heap-based buffer overflow in the Juniper HTTP Service allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Juniper HTTP Service
 CVE-2007-5559 (Heap-based buffer overflow in the IBM ThinkVantage TPM Service
allows ...)
-	TODO: check
+	NOT-FOR-US: IBM ThinkVantage TPM Service
 CVE-2007-5558 (Integer overflow in the LG Mobile handset allows remote
attackers to ...)
-	TODO: check
+	NOT-FOR-US: LG Mobile handset
 CVE-2007-5557 (Unspecified vulnerability in the NEC mobile handset allows
remote ...)
-	TODO: check
+	NOT-FOR-US: NEC mobile handset
 CVE-2007-5556 (Unspecified vulnerability in the Avaya VoIP Handset allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Avaya VoIP Handset
 CVE-2007-5555 (Symantec Altiris Deployment Solution 6 allows local users to
obtain ...)
-	TODO: check
+	NOT-FOR-US: Symantec Altiris Deployment Solution
 CVE-2007-5554 (Oracle allows remote attackers to obtain server memory contents
via ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2007-5553 (Unspecified vulnerability in rvd in TIBCO Rendezvous allows
remote ...)
-	TODO: check
+	NOT-FOR-US: TIBCO Rendezvous
 CVE-2007-5552 (Integer overflow in Cisco IOS allows remote attackers to execute
...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5551 (Off-by-one error in Cisco IOS allows remote attackers to execute
...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5550 (Unspecified vulnerability in Cisco IOS allows remote attackers
to ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5549 (Unspecified vulnerability in Command EXEC in Cisco IOS allows
local ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5548 (Multiple stack-based buffer overflows in Command EXEC in Cisco
IOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5547 (Cross-site scripting (XSS) vulnerability in Cisco IOS allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2007-5546 (Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow
...)
-	TODO: check
+	NOT-FOR-US: TIBCO SmartPGM FX
 CVE-2007-5545 (Format string vulnerability in TIBCO SmartPGM FX allows remote
...)
-	TODO: check
+	NOT-FOR-US: TIBCO SmartPGM FX
 CVE-2007-5544
 	RESERVED
 CVE-2007-5543
@@ -362,7 +362,8 @@
 CVE-2007-5474
 	RESERVED
 CVE-2007-5473 (StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when
...)
-	TODO: check
+	NOT-FOR-US: Mono
+	NOTE: mono is in experimental but this is a windows only issue
 CVE-2007-5472
 	RESERVED
 CVE-2003-1373 (Directory traversal vulnerability in auth.php for PhpBB 1.4.0
through ...)