Author: jamie-guest Date: 2010-02-26 23:57:03 +0000 (Fri, 26 Feb 2010) New Revision: 14158 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-02-26 21:08:49 UTC (rev 14157) +++ data/CVE/list 2010-02-26 23:57:03 UTC (rev 14158) @@ -1,35 +1,81 @@ +CVE-2010-0725 + NOT-FOR-US: Arab Cart +CVE-2010-0724 + NOT-FOR-US: Arab Cart +CVE-2010-0723 + NOT-FOR-US: Ero Auktion +CVE-2010-0722 + NOT-FOR-US: Php Auktion Pro +CVE-2010-0721 + NOT-FOR-US: Auktionshaus Gelb +CVE-2010-0720 + NOT-FOR-US: Erotik Auktionshaus +CVE-2010-0719 + NOT-FOR-US: Microsoft +CVE-2010-0718 + NOT-FOR-US: Microsoft +CVE-2010-0716 + NOT-FOR-US: Microsoft +CVE-2010-0715 + NOT-FOR-US: IBM WebSphere Portal +CVE-2010-0714 + NOT-FOR-US: IBM WebSphere Portal +CVE-2010-0713 + NOT-FOR-US: Zenoss +CVE-2010-0712 + NOT-FOR-US: Zenoss +CVE-2010-0711 + NOT-FOR-US: ASPCode CMS +CVE-2010-0710 + NOT-FOR-US: ASPCode CMS +CVE-2010-0709 + NOT-FOR-US: Limny +CVE-2010-0708 + NOT-FOR-US: Sun Directory Server Enterprise Edition +CVE-2010-0707 + NOT-FOR-US: Employee Timeclock Software +CVE-2010-0706 + NOT-FOR-US: Subex Nikira Fraud Management System +CVE-2010-0705 + NOT-FOR-US: Windows 2000 +CVE-2009-4655 + NOT-FOR-US: Novell eDirectory +CVE-2009-4654 + NOT-FOR-US: Novell eDirectory +CVE-2009-4653 + NOT-FOR-US: Novell eDirectory CVE-2010-0704 (Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM ...) - TODO: check + NOT-FOR-US: IBM WebSphere Portal CVE-2010-0703 (Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL ...) - TODO: check + NOT-FOR-US: PortWise SSL VPN CVE-2010-0702 (SQL injection vulnerability in cisco/services/PhonecDirectory.php in ...) - TODO: check + NOT-FOR-US: Fonality Trixbox CVE-2010-0701 (SQL injection vulnerability in ForceChangePassword.jsp in Newgen ...) - TODO: check + NOT-FOR-US: Newgen Software OmniDocs CVE-2010-0700 (Cross-site scripting (XSS) vulnerability in index.php in WampServer ...) - TODO: check + NOT-FOR-US: WampServer CVE-2010-0699 (Cross-site scripting (XSS) vulnerability in index.php in ...) - TODO: check + NOT-FOR-US: VideoSearchScript Pro CVE-2010-0698 (SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC ...) - TODO: check + NOT-FOR-US: Dynamicsoft WSC CMS CVE-2010-0697 (Cross-site scripting (XSS) vulnerability in the iTweak Upload module ...) - TODO: check + NOT-FOR-US: iTweak Upload module for Drupal CVE-2010-0696 (Directory traversal vulnerability in includes/download.php in the ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2010-0695 (Cross-site scripting (XSS) vulnerability in pages/index.php in ...) - TODO: check + NOT-FOR-US: BASIC-CMS CVE-2010-0694 (SQL injection vulnerability in the PerchaGallery (com_perchagallery) ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2010-0693 (SQL injection vulnerability in products.php in CommodityRentals Trade ...) - TODO: check + NOT-FOR-US: CommodityRentals Trade Manager Script CVE-2010-0692 (SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2010-0691 (SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows ...) - TODO: check + NOT-FOR-US: JTL-Shop CVE-2010-0690 (SQL injection vulnerability in index.php in CommodityRentals Video ...) - TODO: check + NOT-FOR-US: CommodityRentals Video Games Rentals CVE-2010-0689 - RESERVED + NOT-FOR-US: ActiveX CVE-2010-0688 RESERVED CVE-2010-0687 @@ -41,35 +87,35 @@ CVE-2010-0684 RESERVED CVE-2010-0683 - RESERVED + NOT-FOR-US: TIBCO Administrator CVE-2010-0682 (WordPress 2.9 before 2.9.2 allows remote authenticated users to read ...) TODO: check CVE-2010-XXXX [multiple typo issues] - typo3-src <unfixed> (bug #571151) CVE-2010-0681 (ZeusCMS 0.2 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: ZeusCMS CVE-2010-0680 (Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows ...) - TODO: check + NOT-FOR-US: ZeusCMS CVE-2010-0679 (Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ...) - TODO: check + NOT-FOR-US: ActiveX CVE-2010-0678 (PHP remote file inclusion vulnerability in includes/moderation.php in ...) - TODO: check + NOT-FOR-US: Katalog Stron Hurricane CVE-2010-0677 (SQL injection vulnerability in index.php in Katalog Stron Hurricane ...) - TODO: check + NOT-FOR-US: Katalog Stron Hurricane CVE-2010-0676 (Directory traversal vulnerability in index.php in the RWCards ...) - TODO: check + NOT-FOR-US: RWCards component for Joomla! CVE-2010-0675 (Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik ...) - TODO: check + NOT-FOR-US: BGSvetionik BGS CMS CVE-2010-0674 (StatCounteX 3.1 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: StatCounteX CVE-2010-0673 (SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog ...) - TODO: check + NOT-FOR-US: Copperleaf Photolog plugin for WordPress CVE-2010-0672 (SQL injection vulnerability in index.php in WSN Guest 1.02 allows ...) - TODO: check + NOT-FOR-US: WSN Guest CVE-2010-0671 (SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS ...) - TODO: check + NOT-FOR-US: KR MEDIA Pogodny CMS CVE-2010-0670 (Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) ...) - TODO: check + NOT-FOR-US: IP-Tech JQuarks (com_jquarks) Component CVE-2010-0669 RESERVED CVE-2010-0668 @@ -81,11 +127,11 @@ CVE-2010-0665 (JAG (Just Another Guestbook) 1.14 stores sensitive information under ...) NOT-FOR-US: JAG CVE-2009-4651 (Multiple cross-site scripting (XSS) vulnerabilities in the Webee ...) - TODO: check + NOT-FOR-US: Webee Comments component for Joomla! CVE-2009-4650 (SQL injection vulnerability in the Webee Comments (com_webeecomment) ...) - TODO: check + NOT-FOR-US: Webee Comments component for Joomla! CVE-2009-4649 (Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 ...) - TODO: check + NOT-FOR-US: geccBBlite CVE-2009-4648 (Accellion Secure File Transfer Appliance before 8_0_105 does not ...) NOT-FOR-US: Accellion Secure File Transfer Appliance CVE-2009-4647 (Cross-site scripting (XSS) vulnerability in Accellion Secure File ...) @@ -176,7 +222,7 @@ CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: Cisco Collaboration Server CVE-2010-0640 (Cross-site scripting (XSS) vulnerability in CA eHealth Performance ...) - TODO: check + NOT-FOR-US: CA eHealth Performance Manager CVE-2010-0639 (The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 ...) TODO: check CVE-2010-0638 (Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 ...) @@ -246,7 +292,7 @@ CVE-2010-0621 RESERVED CVE-2010-0620 (Directory traversal vulnerability in the SSL Service in EMC HomeBase ...) - TODO: check + NOT-FOR-US: EMC HomeBase Server CVE-2010-0619 RESERVED CVE-2010-0618 @@ -1514,7 +1560,7 @@ CVE-2010-0190 RESERVED CVE-2010-0189 (Unspecified vulnerability in Adobe Download Manager allows remote ...) - TODO: check + NOT-FOR-US: Adobe Download Manager CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 ...) NOT-FOR-US: Adobe Reader CVE-2010-0187 (Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 ...) @@ -1609,11 +1655,11 @@ CVE-2010-0149 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...) NOT-FOR-US: Cisco CVE-2010-0148 (Unspecified vulnerability in Cisco Security Agent 5.2 before ...) - TODO: check + NOT-FOR-US: Cisco Security Agent CVE-2010-0147 (SQL injection vulnerability in the Management Center for Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2010-0146 (Directory traversal vulnerability in the Management Center for Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2010-0145 (Unspecified vulnerability in the embedded HTTPS server on the Cisco ...) NOT-FOR-US: Cisco IronPort Encryption Appliance CVE-2010-0144 (Unspecified vulnerability in the WebSafe DistributorServlet in the ...) @@ -1668,9 +1714,9 @@ CVE-2010-0120 RESERVED CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...) - TODO: check + NOT-FOR-US: Bournal CVE-2010-0118 (Bournal before 1.4.1 allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: Bournal CVE-2010-0117 RESERVED CVE-2010-0116 @@ -1784,7 +1830,7 @@ CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the ...) NOT-FOR-US: Symantec AntiVirus CVE-2010-0107 (Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 ...) - TODO: check + NOT-FOR-US: Symantec CVE-2010-0106 (The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before ...) NOT-FOR-US: Symantec AntiVirus CVE-2010-0105 @@ -6450,7 +6496,7 @@ CVE-2008-7132 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan ...) NOT-FOR-US: Nuked-Klan CVE-2009-3036 (Cross-site scripting (XSS) vulnerability in the console in Symantec IM ...) - TODO: check + NOT-FOR-US: Symantec IM Manager CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...) NOT-FOR-US: Symantec Altiris Notification Server CVE-2009-3034