Author: nion Date: 2009-08-19 23:15:10 +0000 (Wed, 19 Aug 2009) New Revision: 12643 Modified: data/CVE/list Log: - new/old squid issue (CVE-2009-2855) - CVE-2009-285{1,3,4} fixed in wordpress 2.8.3-1 - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-08-19 22:54:00 UTC (rev 12642) +++ data/CVE/list 2009-08-19 23:15:10 UTC (rev 12643) @@ -1,17 +1,17 @@ CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding ...) - TODO: check + NOT-FOR-US: Sun Virtual Desktop Infrastructure CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...) - TODO: check + - squid <unfixed> (low; bug #534982) CVE-2009-2854 (Wordpress before 2.8.3 does not check capabilities for certain ...) - TODO: check + - wordpress 2.8.3-1 CVE-2009-2853 (Wordpress before 2.8.3 allows remote attackers to gain privileges via ...) - TODO: check + - wordpress 2.8.3-1 CVE-2009-2852 (WP-Syntax plugin 0.9.1 and earlier for Wordpress, with ...) - TODO: check + NOT-FOR-US: WP-Syntax plugin CVE-2009-2851 (Cross-site scripting (XSS) vulnerability in the administrator ...) - TODO: check + - wordpress 2.8.3-1 (low) CVE-2009-2850 (Multiple buffer overflows in NASA Common Data Format (CDF) allow ...) - TODO: check + NOT-FOR-US: NASA Common Data Format CVE-2009-2845 REJECTED TODO: check 
@@ -159,33 +159,33 @@ CVE-2009-2793 RESERVED CVE-2009-2792 (Directory traversal vulnerability in plugings/pagecontent.php in ...) - TODO: check + NOT-FOR-US: Really Simple CMS CVE-2009-2791 (PHP remote file inclusion vulnerability in pda_projects.php in ...) - TODO: check + NOT-FOR-US: WebDynamite ProjectButler CVE-2009-2790 (SQL injection vulnerability in cat_products.php in SoftBiz Dating ...) - TODO: check + NOT-FOR-US: SoftBiz Dating CVE-2009-2789 (SQL injection vulnerability in the Permis (com_groups) component 1.0 ...) - TODO: check + NOT-FOR-US: com_groups component for Joomla! CVE-2009-2788 (Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow ...) - TODO: check + NOT-FOR-US: Mobilelib GOLD CVE-2009-2787 (Directory traversal vulnerability in ...) - TODO: check + NOT-FOR-US: Reputation plugin for PunBB CVE-2009-2786 (SQL injection vulnerability in reputation.php in the Reputation plugin ...) - TODO: check + NOT-FOR-US: Reputation plugin for PunBB CVE-2009-2785 (Multiple cross-site scripting (XSS) vulnerabilities in PHP Open ...) - TODO: check + NOT-FOR-US: PHP Open Classifieds Script CVE-2009-2784 (Multiple directory traversal vulnerabilities in dit.cms 1.3, when ...) - TODO: check + NOT-FOR-US: dit.cms CVE-2009-2783 (Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.3.3 ...) - TODO: check + NOT-FOR-US: XOOPS CVE-2009-2782 (SQL injection vulnerability in the JFusion (com_jfusion) component for ...) - TODO: check + NOT-FOR-US: com_jfusion component for Joomla! CVE-2009-2781 (SQL injection vulnerability in forum.php in Arab Portal 2.x, when ...) - TODO: check + NOT-FOR-US: Arab Portal CVE-2009-2780 (Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds ...) - TODO: check + NOT-FOR-US: 68 Classifieds CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...) - TODO: check + NOT-FOR-US: AJ Matrix DNA CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...) 
TODO: check CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)
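Review bot: In the first hunk (@@ -1,17 +1,17 @@), the CVE-2009-2855 entry records a status only for the squid source package, as "- squid <unfixed> (low; bug #534982)", and says nothing about squid3. The description names Squid 2.7 and src/HttpHeaderTools.c, so if squid3 carries the same strListGetItem code it needs its own line, and if it does not, an explicit "- squid3 <not-affected>" line with a short reason would stop the next person from re-checking. The log message calls this a "new/old" issue without saying why. A NOTE line under the entry explaining that, along with the reason for the low urgency, would make the triage decision reviewable from the list itself.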
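Review bot: In the second hunk (@@ -159,33 +159,33 @@), the NOT-FOR-US labels for the two Joomla! entries (CVE-2009-2789, CVE-2009-2782) use only the component id ("com_groups component for Joomla!", "com_jfusion component for Joomla!"), while the CVE descriptions lead with the product names Permis and JFusion. Including the product name, for example "NOT-FOR-US: Permis (com_groups) component for Joomla!", keeps the list searchable by either name. Separately, the visible description for CVE-2009-2787 is cut off before any product name ("Directory traversal vulnerability in ..."), so its attribution to the Reputation plugin for PunBB cannot be confirmed from this diff and is worth checking against the full CVE text.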