Secure testing commits - Dec 2009 - r13448 - data/CVE

Author: white
Date: 2009-12-04 09:06:35 +0000 (Fri, 04 Dec 2009)
New Revision: 13448

Modified:
   data/CVE/list
Log:
Some NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-12-04 02:29:41 UTC (rev 13447)
+++ data/CVE/list	2009-12-04 09:06:35 UTC (rev 13448)
@@ -1,13 +1,13 @@
 CVE-2009-4175 (CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows
remote ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4174 (The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews
...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4173 (Cross-site request forgery (CSRF) vulnerability in CutePHP
CuteNews ...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4172 (Cross-site scripting (XSS) vulnerability in index.php in CutePHP
...)
-	TODO: check
+	NOT-FOR-US: CuteNews
 CVE-2009-4171 (An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger
...)
-	TODO: check
+	NOT-FOR-US: ActiveX
 CVE-2009-4170 (WP-Cumulus Plug-in 1.20 for WordPress, and possibly other
versions, ...)
 	TODO: check
 CVE-2009-4169 (Cross-site scripting (XSS) vulnerability in wp-cumulus.php in
the ...)
@@ -35,21 +35,21 @@
 CVE-2009-4158 (SQL injection vulnerability in the Calendar Base (cal) extension
...)
 	TODO: check
 CVE-2009-4157 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2009-4156 (PHP remote file inclusion vulnerability in modules/pms/index.php
in ...)
-	TODO: check
+	NOT-FOR-US: Ciamos CMS
 CVE-2009-4155 (Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow
remote ...)
-	TODO: check
+	NOT-FOR-US: Eshopbuilde
 CVE-2009-4154 (Directory traversal vulnerability in
includes/feedcreator.class.php in ...)
-	TODO: check
+	NOT-FOR-US: Elxis CMS
 CVE-2009-4153 (Unspecified vulnerability in the XMLAccess component in IBM
WebSphere ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-4152 (Cross-site scripting (XSS) vulnerability in the Collaboration
...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere
 CVE-2009-4151 (Session fixation vulnerability in
html/Elements/SetupSessionCookie in ...)
 	TODO: check
 CVE-2009-4150 (dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before
FP4, and ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2009-4149
 	RESERVED
 CVE-2009-4148