Author: gilbert-guest Date: 2010-03-18 02:35:58 +0000 (Thu, 18 Mar 2010) New Revision: 14289 Modified: data/CVE/list Log: NFUs; new barnowl issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-03-18 02:10:51 UTC (rev 14288) +++ data/CVE/list 2010-03-18 02:35:58 UTC (rev 14289) @@ -1,47 +1,47 @@ CVE-2010-0985 (Directory traversal vulnerability in the Abbreviations Manager ...) - TODO: check + NOT-FOR-US: com_abbrev component for Joomla! CVE-2010-0984 (Acidcat CMS 3.5.3 and earlier stores sensitive information under the ...) - TODO: check + NOT-FOR-US: Acidcat CMS CVE-2010-0983 (PHP remote file inclusion vulnerability in include/mail.inc.php in ...) - TODO: check + NOT-FOR-US: Rezervi CVE-2010-0982 (Directory traversal vulnerability in the CARTwebERP (com_cartweberp) ...) - TODO: check + NOT-FOR-US: com_cartweberp component for Joomla! CVE-2010-0981 (SQL injection vulnerability in the TPJobs (com_tpjobs) component for ...) - TODO: check + NOT-FOR-US: com_tpjobs component for Joomla! CVE-2010-0980 (SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats ...) - TODO: check + NOT-FOR-US: Left 4 Dead Stats CVE-2010-0979 (Cross-site scripting (XSS) vulnerability in display.php in ...) - TODO: check + NOT-FOR-US: Obsession-Design Image-Gallery CVE-2010-0978 (KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under ...) - TODO: check + NOT-FOR-US: KMSoft Guestbook CVE-2010-0977 (PD PORTAL 4.0 stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: PD PORTAL CVE-2010-0976 (Acidcat CMS 3.5.x does not prevent access to install.asp after ...) - TODO: check + NOT-FOR-US: Acidcat CMS CVE-2010-0975 (PHP remote file inclusion vulnerability in external.php in ...) - TODO: check + NOT-FOR-US: PHPCityPortal CVE-2010-0974 (Multiple SQL injection vulnerabilities in PHPCityPortal allow remote ...) - TODO: check + NOT-FOR-US: PHPCityPortal CVE-2010-0973 (SQL injection vulnerability in index.php in phppool media Domain ...) - TODO: check + NOT-FOR-US: phppool Media Domain Verkaus and Auktions Portal CVE-2010-0972 (Directory traversal vulnerability in the GCalendar (com_gcalendar) ...) - TODO: check + NOT-FOR-US: com_gcalendar component for Joomla! CVE-2010-0971 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 ...) - TODO: check + NOT-FOR-US: ATutor CMS CVE-2010-0970 (SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows ...) - TODO: check + NOT-FOR-US: PhpMyLogon CVE-2010-0968 (SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 ...) - TODO: check + NOT-FOR-US: Geekhelps ADMP CVE-2010-0967 (Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, ...) - TODO: check + NOT-FOR-US: Geekhelps ADMP CVE-2010-0966 (PHP remote file inclusion vulnerability in inc/config.php in deV!L`z ...) - TODO: check + NOT-FOR-US: deV!L`z Clanportal CVE-2010-0965 (Jevci Siparis Formu Scripti stores sensitive information under the web ...) - TODO: check + NOT-FOR-US: Jevci Siparis Formu Scripti CVE-2010-0964 (SQL injection vulnerability in start.php in Eros Webkatalog allows ...) - TODO: check + NOT-FOR-US: Eros Webkatalog CVE-2010-0963 (Cross-site scripting (XSS) vulnerability in index.php in dl Download ...) - TODO: check + NOT-FOR-US: dl Download Ticket Service CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does ...) TODO: check CVE-2010-XXXX [ikiwiki htmlscrubber XSS via svg images] @@ -593,7 +593,7 @@ CVE-2010-0794 RESERVED CVE-2010-0793 (Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to ...) - TODO: check + - barnowl <undetermined> (bug #574418) CVE-2010-0792 (fcrontab in fcron before 3.0.5 allows local users to read arbitrary ...) - fcron <unfixed> (low; bug #572587) [lenny] - fcron <no-dsa> (Minor issue)