Secure testing commits - Mar 2010 - r14285 - data/CVE

Author: nion
Date: 2010-03-17 15:19:00 +0000 (Wed, 17 Mar 2010)
New Revision: 14285

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-03-17 14:56:45 UTC (rev 14284)
+++ data/CVE/list	2010-03-17 15:19:00 UTC (rev 14285)
@@ -1,48 +1,45 @@
-CVE-2010-XXXX [ikiwiki htmlscrubber XSS via svg images]
-	- ikiwiki 3.20100312 (low)
-	NOTE: CVE id requested on oss-sec
 CVE-2009-4718 (SQL injection vulnerability in visitorduration.php in Gonafish
...)
-	TODO: check
+	NOT-FOR-US: Gonafish WebStatCaffe
 CVE-2009-4717 (Multiple cross-site scripting (XSS) vulnerabilities in Gonafish
...)
-	TODO: check
+	NOT-FOR-US: Gonafish WebStatCaffe
 CVE-2009-4716 (Cross-site scripting (XSS) vulnerability in results.php in
EDGEPHP ...)
-	TODO: check
+	NOT-FOR-US: EDGEPHP EZWebSearch
 CVE-2009-4715 (Cross-site scripting (XSS) vulnerability in rates.php in Real
Time ...)
-	TODO: check
+	NOT-FOR-US: Real Time Currency Exchange
 CVE-2009-4714 (Cross-site scripting (XSS) vulnerability in the quiz module for
XOOPS ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2009-4713 (Multiple cross-site scripting (XSS) vulnerabilities in the Qas
(aka ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2009-4712 (SQL injection vulnerability in index.php in Tukanas Classifieds
(aka ...)
-	TODO: check
+	NOT-FOR-US: EasyClassifieds
 CVE-2009-4711 (SQL injection vulnerability in the CoolURI (cooluri) extension
before ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4710 (SQL injection vulnerability in the Reset backend password ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4709 (SQL injection vulnerability in the datamints Newsticker ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4708 (SQL injection vulnerability in the [Gobernalia] Front End News
...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4707 (Cross-site scripting (XSS) vulnerability in the [Gobernalia]
Front End ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4706 (Cross-site scripting (XSS) vulnerability in the Mailform
(mailform) ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4705 (Cross-site scripting (XSS) vulnerability in the Twitter Search
...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4704 (Unspecified vulnerability in the Webesse E-Card (ws_ecard)
extension ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4703 (SQL injection vulnerability in the Webesse Image Gallery
(ws_gallery) ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4702 (SQL injection vulnerability in the Tour Extension (pm_tour)
extension ...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4701 (SQL injection vulnerability in the Myth download (myth_download)
...)
-	TODO: check
+	NOT-FOR-US: typo3 third-party extension
 CVE-2009-4700 (Directory traversal vulnerability in index.php in SkaDate Dating
...)
-	TODO: check
+	NOT-FOR-US: SkaDate Dating
 CVE-2009-4699 (Multiple cross-site scripting (XSS) vulnerabilities in SkaDate
Dating ...)
-	TODO: check
+	NOT-FOR-US: SkaDate Dating
 CVE-2009-4698 (Multiple SQL injection vulnerabilities in the Qas (aka Quas)
module ...)
-	TODO: check
+	NOT-FOR-US: XOOPS Celepar
 CVE-2010-0969 [unbound DoS on 64 bit platforms]
 	- unbound 1.4.3-1
 	[lenny] - unbound <not-affected> (Vulnerable code not present)