Author: jamie-guest Date: 2010-09-29 21:53:32 +0000 (Wed, 29 Sep 2010) New Revision: 15394 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-29 21:16:24 UTC (rev 15393) +++ data/CVE/list 2010-09-29 21:53:32 UTC (rev 15394) @@ -1,3 +1,7 @@ +CVE-2010-3688 + NOT-FOR-US: NetArtMEDIA WebSiteAdmin +CVE-2010-3684 + NOT-FOR-US: Synology Disk Station CVE-2010-3683 RESERVED CVE-2010-3682 @@ -189,21 +193,21 @@ - piwigo 2.1.2-2 NOTE: http://www.exploit-db.com/exploits/14973/ CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...) - TODO: check + NOT-FOR-US: wpQuiz CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...) - TODO: check + NOT-FOR-US: NetArt MEDIA Real Estate Portal CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in ...) - TODO: check + NOT-FOR-US: NetArt MEDIA Real Estate Portal CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension ...) TODO: check CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and ...) TODO: check CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager ...) - TODO: check + NOT-FOR-US: mojoPortal CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...) - TODO: check + NOT-FOR-US: mojoPortal CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...) - TODO: check + NOT-FOR-US: ibPhotohost CVE-2010-3499 RESERVED CVE-2010-3498 @@ -223,7 +227,7 @@ CVE-2010-3491 RESERVED CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...) - TODO: check + NOT-FOR-US: System Recordings component in the configuration interface in FreePBX CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: CMS Digital Workroom CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote ...) @@ -467,7 +471,7 @@ CVE-2010-3469 RESERVED CVE-2010-3468 - RESERVED + NOT-FOR-US: Mura CMS CVE-2009-5002 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...) NOT-FOR-US: IBM FileNet P8 Application Engine CVE-2009-5001 (The Workplace (aka WP) component in IBM FileNet P8 Application Engine ...) @@ -972,19 +976,19 @@ CVE-2010-3286 RESERVED CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) - TODO: check + NOT-FOR-US: HP OpenView Network Node Manager CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...) - TODO: check + NOT-FOR-US: HP System Management Homepage CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) ...) - TODO: check + NOT-FOR-US: HP System Management Homepage CVE-2010-3282 RESERVED CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in ...) - TODO: check + NOT-FOR-US: Alcatel-Lucent OmniVista CVE-2010-3280 (The CCAgent option 9.0.8.4 and earlier in the management server (aka ...) - TODO: check + NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center CVE-2010-3279 (The default configuration of the CCAgent option before 9.0.8.4 in the ...) - TODO: check + NOT-FOR-US: Alcatel-Lucent OmniTouch Contact Center CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...) - php-apc <unfixed> (unimportant) NOTE: vulnerable script is, mainly, for debugging purposes @@ -999,7 +1003,7 @@ CVE-2010-3278 (Multiple buffer overflows in the Novell Client novfs module for the ...) NOT-FOR-US: novfs kernel module (only included in SUSE it seems) CVE-2010-3277 (The installer in VMware Workstation 7.x before 7.1.2 build 301548 and ...) - TODO: check + NOT-FOR-US: VMware Workstation CVE-2010-3276 RESERVED CVE-2010-3275 @@ -1032,7 +1036,7 @@ CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...) NOT-FOR-US: flock CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...) - TODO: check + NOT-FOR-US: RSA Authentication Agent 7.0 for Web CVE-2010-3260 RESERVED CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read access ...) @@ -3007,7 +3011,7 @@ CVE-2010-2531 (The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 ...) - php5 <unfixed> (low) CVE-2010-2530 - RESERVED + NOT-FOR-US: NetBSD CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...) - iputils 3:20100418-2 [lenny] - iputils 3:20071127-1+lenny1 @@ -3210,7 +3214,7 @@ NOTE: address bar to be spoofed in either webkit or chrome NOTE: this will be address in iceweasel in cve-2010-1206 CVE-2010-2453 - RESERVED + NOT-FOR-US: Synology Disk Station CVE-2009-4909 (admin/index.php in oBlog allows remote attackers to conduct ...) NOT-FOR-US: oBlog CVE-2009-4908 (Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow ...)