Author: geissert Date: 2009-10-29 00:30:26 +0000 (Thu, 29 Oct 2009) New Revision: 13134 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-28 23:06:07 UTC (rev 13133) +++ data/CVE/list 2009-10-29 00:30:26 UTC (rev 13134) 
@@ -1,53 +1,55 @@ CVE-2009-3825 (Multiple directory traversal vulnerabilities in GenCMS 2006 allow ...) - TODO: check + NOT-FOR-US: GenCMS CVE-2009-3824 (Directory traversal vulnerability in include/processor.php in ...) - TODO: check + NOT-FOR-US: Greenwood PHP Content Manager CVE-2009-3823 (Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, ...) - TODO: check + NOT-FOR-US: Mobilelib GOLD CVE-2009-3822 (PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ...) - TODO: check + NOT-FOR-US: com_ajaxchat component for Joomla CVE-2009-3821 (Cross-site scripting (XSS) vulnerability in the Apache Solr Search ...) - TODO: check + NOT-FOR-US: Apache Solr Search extension for TYPO3 CVE-2009-3820 (SQL injection vulnerability in the Flagbit Filebase (fb_filebase) ...) - TODO: check + NOT-FOR-US: Flagbit Filebase extension for TYPO3 CVE-2009-3819 (Unspecified vulnerability in the Random Images (maag_randomimage) ...) - TODO: check + NOT-FOR-US: Random Images extension for TYPO3 CVE-2009-3818 (Unspecified vulnerability in the session handling feature in freeCap ...) - TODO: check + NOT-FOR-US: freeCap CAPTCHA for TYPO3 CVE-2009-3817 (PHP remote file inclusion vulnerability in doc/releasenote.php in the ...) - TODO: check + NOT-FOR-US: com_booklibrary component for Joomla! CVE-2009-3816 (Multiple cross-site scripting (XSS) vulnerabilities in Activities ...) - TODO: check + NOT-FOR-US: IBM Lotus Connections CVE-2009-3815 (RunCMS 2M1, when running with certain error_reporting levels, allows ...) - TODO: check + NOT-FOR-US: RunCMS 2M1 CVE-2009-3814 (Static code injection vulnerability in RunCMS 2M1 allows remote ...) - TODO: check + NOT-FOR-US: RunCMS 2M1 CVE-2009-3813 (Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote ...) - TODO: check + NOT-FOR-US: RunCMS 2M1 CVE-2009-3812 (Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio ...) 
- TODO: check + NOT-FOR-US: OtsAV products CVE-2009-3811 (Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows ...) - TODO: check + NOT-FOR-US: Music Tag Editor CVE-2009-3810 (Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows ...) - TODO: check + NOT-FOR-US: Acoustica MP3 Audio Mixer CVE-2009-3809 (Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote ...) - TODO: check + NOT-FOR-US: Acoustica MP3 Audio Mixer CVE-2009-3808 (MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: MixSense DJ Studio CVE-2009-3807 (Stack-based buffer overflow in MixVibes 7.043 Pro allows remote ...) - TODO: check + NOT-FOR-US: MixVibes CVE-2009-3806 (SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows ...) - TODO: check + NOT-FOR-US: DedeCMS CVE-2009-3805 (gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows ...) TODO: check + NOTE: looks like an issue in gpg2 for windows (gpg4win.org), not specific + NOTE: to kleopatra CVE-2009-3804 (Multiple SQL injection vulnerabilities in modules/forum/post.php in ...) - TODO: check + NOT-FOR-US: RunCMS 2M1 CVE-2009-3803 (Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS ...) - TODO: check + NOT-FOR-US: Amiro.CMS CVE-2009-3802 (Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: Amiro.CMS CVE-2009-3801 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...) - TODO: check + NOT-FOR-US: OpenDocMan CVE-2009-XXXX [eglibc: ldd arbitrary code execution] - eglibc <unfixed> (low; bug #552518) - glibc <removed> (low; bug #552518) 
@@ -82,13 +84,13 @@ CVE-2009-3791 RESERVED CVE-2009-3790 (Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation ...) - TODO: check + NOT-FOR-US: FormMax CVE-2009-3789 (Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan ...) - TODO: check + NOT-FOR-US: OpenDocMan CVE-2009-3788 (SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows ...) - TODO: check + NOT-FOR-US: OpenDocMan CVE-2009-3787 (files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct ...) - TODO: check + NOT-FOR-US: Vivvo CMS CVE-2009-3786 (Cross-site scripting (XSS) vulnerability in Organic Groups (OG) ...) TODO: check CVE-2009-3785 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
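Review bot: CVE-2009-3805 in the first hunk keeps its "TODO: check" line, although the two added NOTE lines already conclude that the issue is in gpg2 for Windows (gpg4win.org) and is not specific to Kleopatra. Either resolve the entry in this commit or extend the NOTE to say what still has to be checked, so the next person triaging does not repeat the same analysis. The log message "NFUs" also does not cover this NOTE-only change; mentioning it would make the revision easier to find later. As a style point in the same hunk, the product tags are inconsistent: CVE-2009-3822 uses "Joomla" while CVE-2009-3817 uses "Joomla!", and the RunCMS entries carry the version ("RunCMS 2M1") where other tags such as "OpenDocMan" and "Mobilelib GOLD" drop it. One spelling per product keeps later searches through the NOT-FOR-US entries reliable.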