[Secure-testing-commits] r5359 - data/CVE

Alex de Oliveira Silva Sat, 27 Jan 2007 12:33:38 -0800

Author: enerv-guest
Date: 2007-01-27 21:33:33 +0100 (Sat, 27 Jan 2007)
New Revision: 5359


Modified:
   data/CVE/list
Log:
some NFUs.



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-01-27 20:11:54 UTC (rev 5358)
+++ data/CVE/list       2007-01-27 20:33:33 UTC (rev 5359)
@@ -618,15 +618,15 @@
 CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary 
files via ...)
        - ed 0.2-19
 CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in 
NitroTech ...)
-       TODO: check
+       NOT-FOR-US: NitroTech CMS
 CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP 
Photo ...)
        NOT-FOR-US: ASP Photo Gallery
 CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo 
Gallery ...)
        NOT-FOR-US: ASP Photo Gallery
 CVE-2006-6935 (SQL injection vulnerability in the login component in 
Portix-PHP 0.4.2 ...)
-       TODO: check
+       NOT-FOR:US: Portix
 CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in 
Portix-PHP ...)
-       TODO: check
+       NOT-FOR-US: Portix
 CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web 
root ...)
        NOT-FOR-US: Easy Chat Server
 CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with 
Access ...)
@@ -643,15 +643,15 @@
 CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow 
remote ...)
        NOT-FOR-US: Rialto
 CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack 
...)
-       TODO: check
+       NOT-FOR-US: eXtremail
 CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in 
bitweaver 1.3.1 ...)
-       TODO: check
+       NOT-FOR-US: bitweaver
 CVE-2006-6924 (bitweaver 1.3.1 and earlier allows remote attackers to obtain 
...)
-       TODO: check
+       NOT-FOR-US: bitweaver
 CVE-2006-6923 (SQL injection vulnerability in newsletters/edition.php in 
bitweaver ...)
-       TODO: check
+       NOT-FOR-US: bitweaver
 CVE-2006-6922 (SQL injection vulnerability in Deadlock User Management System 
...)
-       TODO: check
+       NOT-FOR-US: Deadlock
 CVE-2006-6921 (Unspecified versions of the Linux kernel allows local users to 
cause a ...)
        - linux-2.6 <unfixed> (low)
 CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the 
HP ...)
@@ -936,12 +936,12 @@
 CVE-2007-0097 (Multiple stack-based buffer overflows in the (1) LoadTree and 
(2) ...)
        NOT-FOR-US: ConeXware PowerArchive
 CVE-2007-0096 (CarbonCommunities stores sensitive information under the web 
root with ...)
-       TODO: check
+       NOT-FOR-US: Carbon Communities
 CVE-2007-0095 (phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive 
...)
        - phpmyadmin <unfixed> (bug #399329; unimportant)
        NOTE: Only path disclosure
 CVE-2007-0094 (Sven Moderow GuestBook 0.3a stores sensitive information under 
the web ...)
-       TODO: check
+       NOT-FOR-US: Sven Moderow GuestBook
 CVE-2007-0093 (SQL injection vulnerability in page.php in Simple Web Content 
...)
        TODO: check
 CVE-2007-0092 (SQL injection vulnerability in productdetail.asp in E-SMARTCART 
1.0 ...)
@@ -1011,11 +1011,11 @@
 CVE-2007-0060
        RESERVED
 CVE-2007-0059 (Cross-zone scripting vulnerability in Apple Quicktime 3 to 
7.1.3 ...)
-       TODO: check
+       NOT-FOR-US: Apple Quicktime
 CVE-2007-0058 (Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 
3.6.1.1 ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2007-0057 (Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x 
through ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2007-0056 (Multiple cross-site scripting (XSS) vulnerabilities in AShop 
Deluxe ...)
        TODO: check
 CVE-2007-0055 (Directory traversal vulnerability in 
formbankcgi.exe/AbfrageForm in ...)
@@ -1027,7 +1027,7 @@
 CVE-2007-0052 (SQL injection vulnerability in haberdetay.asp in Vizayn Haber 
allows ...)
        TODO: check
 CVE-2007-0051 (Format string vulnerability in Apple iPhoto 6.0.5 (316), and 
possibly ...)
-       TODO: check
+       NOT-FOR-US: Apple iPhoto
 CVE-2006-6910 (formbankcgi.exe in Fersch Formbankserver 1.9, when the 
PATH_INFO ...)
        TODO: check
 CVE-2006-6909 (Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse 
(aka ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5359 - data/CVE

Reply via email to