Author: derevko-guest
Date: 2010-01-17 16:30:22 +0000 (Sun, 17 Jan 2010)
New Revision: 13847

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================--- data/CVE/list 2010-01-17 13:56:36 UTC (rev 13846) +++ data/CVE/list 2010-01-17 16:30:22 UTC (rev 13847) 
@@ -31,75 +31,75 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616 TODO: file bug, check affected versions CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 ...) - TODO: check + NOT-FOR-US: WebCalenderC3 CVE-2010-0348 (Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and ...) - TODO: check + NOT-FOR-US: WebCalenderC3 CVE-2010-0347 (Cross-site scripting (XSS) vulnerability in the VD / Geomap ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0346 (Cross-site scripting (XSS) vulnerability in the Tip many friends ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0345 (Cross-site scripting (XSS) vulnerability in the Majordomo extension ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0344 (SQL injection vulnerability in the zak_store_management extension ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0343 (SQL injection vulnerability in the Clan Users List (pb_clanlist) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0342 (SQL injection vulnerability in the Reports for Job (job_reports) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0341 (SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0340 (SQL injection vulnerability in the MJS Event Pro (mjseventpro) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0339 (SQL injection vulnerability in the User Links (vm19_userlinks) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0338 (SQL injection vulnerability in the TT_Products editor (ttpedit) ...) 
- TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0337 (SQL injection vulnerability in the tt_news Mail alert ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0336 (Unspecified vulnerability in the kiddog_mysqldumper ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0335 (Cross-site scripting (XSS) vulnerability in the Vote rank for news ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0334 (SQL injection vulnerability in the Vote rank for news ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0333 (SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0332 (SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0331 (Cross-site scripting (XSS) vulnerability in the TV21 Talkshow ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0330 (SQL injection vulnerability in the Googlemaps for tt_news ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0329 (SQL injection vulnerability in the powermail extension 1.5.1 and ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0328 (Cross-site scripting (XSS) vulnerability in the Unit Converter ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0327 (Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0326 (Cross-site scripting (XSS) vulnerability in the Developer log (devlog) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0325 (Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0324 (SQL injection vulnerability in the Customer Reference List (ref_list) ...) 
- TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0323 (Unspecified vulnerability in the Photo Book (goof_fotoboek) extension ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0322 (SQL injection vulnerability in the init function in MK-AnydropdownMenu ...) - TODO: check + NOT-FOR-US: TYPO3 third party extensions CVE-2010-0321 (Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit ...) - TODO: check + NOT-FOR-US: Jamit Job Board 3.0 CVE-2010-0320 (Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter ...) - TODO: check + NOT-FOR-US: Glitter Central Script CVE-2010-0319 (Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 ...) - TODO: check + NOT-FOR-US: Docmint CVE-2010-0318 (The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, ...) TODO: check CVE-2010-0317 (Novell Netware 6.5 SP8 allows remote attackers to cause a denial of ...) TODO: check CVE-2010-0316 (Integer overflow in Google SketchUp before 7.1 M2 allows remote ...) - TODO: check + NOT-FOR-US: Google SketchUp CVE-2010-0315 (Google Chrome allows remote attackers to discover a redirect''s target ...) TODO: check CVE-2010-0314 (Apple Safari allows remote attackers to discover a redirect''s target ...) 
@@ -107,13 +107,13 @@ CVE-2010-0313 (The core_get_proxyauth_dn function in ns-slapd in Sun Java System ...) TODO: check CVE-2010-0312 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...) - TODO: check + NOT-FOR-US: IBM Tivoli Directory Server CVE-2010-0311 (Unspecified vulnerability in Sun Java System Identity Manager (aka ...) - TODO: check + NOT-FOR-US: Sun Java System Identity Manager CVE-2010-0310 (Trusted Extensions in Sun Solaris 10 allows local users to gain ...) - TODO: check + NOT-FOR-US: Trusted Extensions in Sun Solaris 10 CVE-2009-4613 (SQL injection vulnerability in realestate20/loginaction.php in NetArt ...) - TODO: check + NOT-FOR-US: NetArt Media Real Estate Portal CVE-2010-XXXX [zend framework multiple issues] - zendframework 1.9.7-1 NOTE: http://framework.zend.com/security/advisory/ZF2010-01 - ZF2010-06 @@ -287,7 +287,7 @@ CVE-2010-0250 RESERVED CVE-2010-0249 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2010-0248 RESERVED CVE-2010-0247 @@ -445,7 +445,7 @@ CVE-2010-0185 RESERVED CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO ...) - TODO: check + NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent CVE-2010-0183 RESERVED CVE-2010-0182 @@ -1396,7 +1396,7 @@ - eglibc 2.10.2-4 (medium; bug #560333) - glibc <removed> (medium) CVE-2010-0014 (System Security Services Daemon (SSSD) before 1.0.1, when the krb5 ...) - TODO: check + NOT-FOR-US: sssd CVE-2010-0013 (Directory traversal vulnerability in slp.c in the MSN protocol plugin ...) - pidgin 2.6.5-1 (medium; bug #563206) [lenny] - pidgin <not-affected> (vulnerable code not present) 
@@ -1805,7 +1805,7 @@ CVE-2009-4183 RESERVED CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a ...) - TODO: check + NOT-FOR-US: HP Web Jetadmin CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...) NOT-FOR-US: HP OpenView Network Node Manager CVE-2009-4180 (Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network ...) @@ -2417,7 +2417,7 @@ CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and ...) NOT-FOR-US: Adobe Reader and Acrobat 8.0 CVE-2009-3952 (Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and ...) - TODO: check + NOT-FOR-US: Adobe Illustrator CVE-2009-3951 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...) NOT-FOR-US: ActiveX CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...) @@ -2943,7 +2943,7 @@ CVE-2009-3743 RESERVED CVE-2009-3742 (Cross-site scripting (XSS) vulnerability in Liferay Portal before ...) - TODO: check + NOT-FOR-US: Liferay Portal CVE-2009-3741 RESERVED CVE-2009-3740 
@@ -4008,19 +4008,19 @@ CVE-2009-3417 (SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 ...) NOT-FOR-US: IDoBlog component Joomla CVE-2009-3416 (Unspecified vulnerability in the Oracle Application Object Library ...) - TODO: check + NOT-FOR-US: Oracle E-Business Suite CVE-2009-3415 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-3414 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-3413 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-3412 (Unspecified vulnerability in the Unzip component in Oracle Database ...) - TODO: check + NOT-FOR-US: Oracle Database and Oracle Application Server CVE-2009-3411 (Unspecified vulnerability in the Oracle Data Pump component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-3410 (Unspecified vulnerability in the RDBMS component in Oracle Database ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-3409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) ...) NOT-FOR-US: Oracle PeopleSoft Enterprise CVE-2009-3408 (Unspecified vulnerability in the Oracle Application Object Library ...) @@ -8662,7 +8662,7 @@ CVE-2009-1997 (Unspecified vulnerability in the Authentication component in Oracle ...) NOT-FOR-US: Oracle Database CVE-2009-1996 (Unspecified vulnerability in the Logical Standby component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle Database CVE-2009-1995 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...) NOT-FOR-US: Oracle Database CVE-2009-1994 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
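
Review bot: In the first hunk (@@ -31,75 +31,75 @@), CVE-2010-0322 is filed under "TYPO3 third party extensions", but its visible description ("SQL injection vulnerability in the init function in MK-AnydropdownMenu ...") is truncated before any mention of TYPO3 or an extension key, unlike the neighbouring entries that say "extension" or give a key such as (pb_clanlist). Please confirm against the full description before closing it with the bulk label. In the same hunk, the reason for CVE-2010-0321 carries a version ("Jamit Job Board 3.0") while every other reason added here is a bare product name; dropping the "3.0" keeps the reasons consistent and avoids implying that only that version is out of scope.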
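
Review bot: The reason added for CVE-2010-0249 in the hunk at @@ -287,7 +287,7 @@ names only the vendor ("NOT-FOR-US: Microsoft"), while the description is specific to Microsoft Internet Explorer and the other reasons in this commit name the product ("HP Web Jetadmin", "Adobe Illustrator", "IBM Tivoli Directory Server"). Suggest "NOT-FOR-US: Microsoft Internet Explorer" so the list can be searched by product.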
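
Review bot: In the hunk at @@ -1396,7 +1396,7 @@, CVE-2010-0014 is closed as "NOT-FOR-US: sssd", a lowercase package-style name sitting directly between entries that track source packages (eglibc, glibc, pidgin). NOT-FOR-US is only correct if no such source package exists in the archive and none is being packaged; please check for an existing package or an ITP first, and if either exists replace this line with a package entry (or a "- sssd <itp>" line) so the issue stays tracked instead of being dropped.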