thr3ads.net - Secure testing commits - [Secure-testing-commits] r17416

If this information is useful, please help other people find it:
Share via:
Moritz Muehlenhoff
2011-Oct-13 15:20 UTC
[Secure-testing-commits] r17416 - data/CVE

Author: jmm
Date: 2011-10-13 15:20:17 +0000 (Thu, 13 Oct 2011)
New Revision: 17416

Modified:
   data/CVE/list
Log:
- plone not-affected
- libdata-formvalidator-perl no-dsa
- NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-10-13 14:55:07 UTC (rev 17415)
+++ data/CVE/list	2011-10-13 15:20:17 UTC (rev 17416)
@@ -16,7 +16,7 @@
 CVE-2011-4031
 	RESERVED
 CVE-2011-4030 (The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1,
and ...)
-	TODO: check
+	- plone3 <not-affected> (Only affects Plone 4.x)
 CVE-2011-4029
 	RESERVED
 CVE-2011-4028
@@ -26,85 +26,85 @@
 CVE-2011-4026
 	RESERVED
 CVE-2010-4963 (SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8
allows ...)
-	TODO: check
+	NOT-FOR-US: Hulihan BXR
 CVE-2010-4962 (Unspecified vulnerability in the Webkit PDFs (webkitpdf)
extension ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4961 (SQL injection vulnerability in the Webkit PDFs (webkitpdf)
extension ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4960 (Cross-site scripting (XSS) vulnerability in the Branchenbuch
(aka ...)
-	TODO: check
+	NOT-FOR-US: Branchenbuch
 CVE-2010-4959 (SQL injection vulnerability in the login feature in Pre Projects
Pre ...)
-	TODO: check
+	NOT-FOR-US: Pre Projects Pre Podcast Portal 
 CVE-2010-4958 (SQL injection vulnerability in index.php in Prado Portal 1.2.0
allows ...)
-	TODO: check
+	NOT-FOR-US: Prado Portal
 CVE-2010-4957 (SQL injection vulnerability in the Questionnaire
(ke_questionnaire) ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4956 (Cross-site scripting (XSS) vulnerability in the Questionnaire
...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4955 (SQL injection vulnerability in board/board.php in APBoard
Developers ...)
-	TODO: check
+	NOT-FOR-US: APBoard Developers APBoard
 CVE-2010-4954 (SQL injection vulnerability in product_reviews_info.php in
xt:Commerce ...)
-	TODO: check
+	NOT-FOR-US: xt:Commerce Gambio
 CVE-2010-4953 (Unspecified vulnerability in the JW Calendar (jw_calendar)
extension ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4952 (SQL injection vulnerability in the FE user statistic (festat)
...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4951 (Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox
...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4950 (SQL injection vulnerability in the Event (event) extension
before ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2010-4949 (Cross-site scripting (XSS) vulnerability in the (1) FreiChat
component ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4948 (PHP remote file inclusion vulnerability in
libs/adodb/adodb.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: PHP Free Photo Gallery
 CVE-2010-4947 (Cross-site scripting (XSS) vulnerability in
advanced_search_result.php ...)
-	TODO: check
+	NOT-FOR-US: ALLPC 
 CVE-2010-4946 (SQL injection vulnerability in product_info.php in ALLPC 2.5
allows ...)
-	TODO: check
+	NOT-FOR-US: ALLPC 
 CVE-2010-4945 (SQL injection vulnerability in the CamelcityDB
(com_camelcitydb2) ...)
-	TODO: check
+	NOT-FOR-US: CamelcityDB
 CVE-2010-4944 (SQL injection vulnerability in the Elite Experts
(com_elite_experts) ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4943 (Multiple PHP remote file inclusion vulnerabilities in Saurus CMS
4.7.0 ...)
-	TODO: check
+	NOT-FOR-US: Saurus CMS
 CVE-2010-4942 (SQL injection vulnerability in location.php in the eCal module
in ...)
-	TODO: check
+	NOT-FOR-US: E-Xoopport Samsara 
 CVE-2010-4941 (SQL injection vulnerability in the Teams (com_teams) component
...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4940 (SQL injection vulnerability in index.php in WAnewsletter 2.1.2
allows ...)
-	TODO: check
+	NOT-FOR-US: WAnewsletter
 CVE-2010-4939 (PHP remote file inclusion vulnerability in index.php in MailForm
1.2 ...)
-	TODO: check
+	NOT-FOR-US: MailForm
 CVE-2010-4938 (SQL injection vulnerability in the Weblinks (com_weblinks)
component ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4937 (Multiple SQL injection vulnerabilities in the Amblog
(com_amblog) ...)
-	TODO: check
+	NOT-FOR-US: Amblog
 CVE-2010-4936 (SQL injection vulnerability in the Slide Show (com_slideshow)
...)
-	TODO: check
+	NOT-FOR-US: Slide Show extension for Joomla
 CVE-2010-4935 (SQL injection vulnerability in poll.php in Entrans 0.3.2 and
earlier ...)
-	TODO: check
+	NOT-FOR-US: Entrans
 CVE-2010-4934 (SQL injection vulnerability in video.php in Get Tube 4.51 and
earlier ...)
-	TODO: check
+	NOT-FOR-US: Get Tube
 CVE-2010-4933 (SQL injection vulnerability in filemgmt/singlefile.php in
Geeklog ...)
-	TODO: check
+	NOT-FOR-US: Geeklog
 CVE-2010-4932 (Cross-site scripting (XSS) vulnerability in search.php in
Entrans ...)
-	TODO: check
+	NOT-FOR-US: Entrans
 CVE-2010-4931 (** DISPUTED ** Directory traversal vulnerability in maincore.php
in ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2010-4930 (Cross-site scripting (XSS) vulnerability in index.php in @mail
Webmail ...)
-	TODO: check
+	NOT-FOR-US: @mail Webmail
 CVE-2010-4929 (SQL injection vulnerability in the Joostina (com_ezautos)
component ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4928 (Cross-site scripting (XSS) vulnerability in the Restaurant Guide
...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4927 (SQL injection vulnerability in the Restaurant Guide ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4926 (SQL injection vulnerability in the TimeTrack (com_timetrack)
component ...)
-	TODO: check
+	NOT-FOR-US: Joomla extension
 CVE-2010-4925 (SQL injection vulnerability in clic.php in the Partenaires
module 1.5 ...)
-	TODO: check
+	NOT-FOR-US: Nuked Klan
 CVE-2010-4924 (** DISPUTED ** PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: clearBudget
 CVE-2010-4923 (SQL injection vulnerability in book/detail.php in Virtue Netz
Virtue ...)
 	TODO: check
 CVE-2010-4922 (SQL injection vulnerability in contentAE.asp in Allinta CMS
22.07.2010 ...)
@@ -4928,7 +4928,9 @@
 	[squeeze] - tomcat6 <no-dsa> (Minor issue)
 	- tomcat7 7.0.16-3 (low; bug #632882)
 CVE-2011-2201 (The Data::FormValidator module 4.66 and earlier for Perl, when
...)
-	- libdata-formvalidator-perl <undetermined>
+	- libdata-formvalidator-perl 4.66-3 (low; bug #629511)
+	[lenny] - libdata-formvalidator-perl <no-dsa> (Minor issue)
+	[squeeze] - libdata-formvalidator-perl <no-dsa> (Minor issue)
 CVE-2011-2200 (The _dbus_header_byteswap function in dbus-marshal-header.c in
D-Bus ...)
 	- dbus 1.4.12-1 (low; bug #629938)
 	[squeeze] - dbus 1.2.24-4+squeeze1
Secure testing commits - Oct 2011 - r17416 - data/CVE

[Secure-testing-commits] r17416 - data/CVE
