NFU, bug numbers

svn path=/; revision=2159
author: Stefan Behte <craig@gentoo.org> 2010-10-01 20:29:21 +0000
committer: Stefan Behte <craig@gentoo.org> 2010-10-01 20:29:21 +0000
commit: 15c623060a363150f7a14fe4d8485c752ecea403 (patch)
tree: 04331d4a35781d383941ae125f18f74033547d0b
parent: MITRE sync (diff)
download: security-15c623060a363150f7a14fe4d8485c752ecea403.tar.gz
security-15c623060a363150f7a14fe4d8485c752ecea403.tar.bz2
security-15c623060a363150f7a14fe4d8485c752ecea403.zip
1 files changed, 33 insertions, 33 deletions
diff --git a/data/CVE/list b/data/CVE/list
index e61bfd9..4f31197 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -86460,7 +86460,7 @@ CVE-2010-0403 (Directory traversal vulnerability in about.php in phpGroupWare (p
 CVE-2010-0404 (Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before ...)
 	BUG: 320957
 CVE-2010-0405 (Integer overflow in the BZ2_decompress function in decompress.c in ...)
-	TODO: check
+	BUG: 338215
 CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial of ...)
 	BUG: 320955
 CVE-2010-0407 (Multiple buffer overflows in the MSGFunctionDemarshall function in ...)
@@ -88653,7 +88653,7 @@ CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support forms
 	TODO: check
 CVE-2010-1501
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows ...)
 	TODO: check
 CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
@@ -90263,10 +90263,10 @@ CVE-2010-2302 (Use-after-free vulnerability in WebCore in WebKit in Google Chrom
 	TODO: check
 CVE-2010-2303
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-2304
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-2305 (Buffer overflow in an ActiveX control in SSHelper.dll for Symantec ...)
 	NOT-FOR-US: symantec sygate_personal_firewall
 CVE-2010-2306 (The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; ...)
@@ -90564,7 +90564,7 @@ CVE-2010-2451 (Multiple format string vulnerabilities in the DCC functionality i
 CVE-2010-2452 (Directory traversal vulnerability in the DCC functionality in KVIrc ...)
 	BUG: 326149
 CVE-2010-2453 (Multiple cross-site scripting (XSS) vulnerabilities in Synology Disk ...)
-	TODO: check
+	NOT-FOR-US: Synology Disk Station
 CVE-2010-2454 (Apple Safari does not properly manage the address bar between the ...)
 	TODO: check
 CVE-2010-2455 (Opera does not properly manage the address bar between the request to ...)
@@ -90640,7 +90640,7 @@ CVE-2010-2489 (Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might
 CVE-2010-2490
 	RESERVED
 CVE-2010-2491 (Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup ...)
-	TODO: check
+	BUG: 326395
 CVE-2010-2492 (Buffer overflow in the ecryptfs_uid_hash macro in ...)
 	TODO: check
 CVE-2010-2493 (The default configuration of the deployment descriptor (aka web.xml) ...)
@@ -91256,13 +91256,13 @@ CVE-2010-2797
 CVE-2010-2798 (The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux ...)
 	TODO: check
 CVE-2010-2799 (Stack-based buffer overflow in the nestlex function in nestlex.c in ...)
-	TODO: check
+	BUG: 330785
 CVE-2010-2800 (The MS-ZIP decompressor in cabextract before 1.3 allows remote ...)
 	BUG: 329891
 CVE-2010-2801 (Integer signedness error in the Quantum decompressor in cabextract ...)
 	BUG: 329891
 CVE-2010-2802 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 ...)
-	TODO: check
+	BUG: 330481
 CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct ...)
 	TODO: check
 CVE-2010-2804
@@ -91804,7 +91804,7 @@ CVE-2010-3070 (Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used
 CVE-2010-3071
 	RESERVED
 CVE-2010-3072 (The string-comparison functions in String.cci in Squid 3.x before ...)
-	TODO: check
+	BUG: 334263
 CVE-2010-3073 (SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...)
 	TODO: check
 CVE-2010-3074 (SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of ...)
@@ -92064,7 +92064,7 @@ CVE-2010-3200 (MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote
 CVE-2010-3201
 	RESERVED
 CVE-2010-3202 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 ...)
-	TODO: check
+	NOT-FOR-US: flock
 CVE-2010-3203 (Directory traversal vulnerability in the PicSell (com_picsell) ...)
 	NOT-FOR-US: xmlswf com_picsell
 CVE-2010-3204 (Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 ...)
@@ -92182,9 +92182,9 @@ CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read a
 CVE-2010-3260
 	RESERVED
 CVE-2010-3261 (Directory traversal vulnerability in RSA Authentication Agent 7.0 ...)
-	TODO: check
+	NOT-FOR-US: rsa authentication_agent_for_web
 CVE-2010-3262 (Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before ...)
-	TODO: check
+	NOT-FOR-US: flock
 CVE-2010-3263 (Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php ...)
 	TODO: check
 CVE-2010-3264 (The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores ...)
@@ -92226,11 +92226,11 @@ CVE-2010-3281 (Stack-based buffer overflow in the HTTP proxy service in ...)
 CVE-2010-3282
 	RESERVED
 CVE-2010-3283 (Open redirect vulnerability in HP System Management Homepage (SMH) ...)
-	TODO: check
+	NOT-FOR-US: hp system_management_homepage
 CVE-2010-3284 (Unspecified vulnerability in HP System Management Homepage (SMH) ...)
-	TODO: check
+	NOT-FOR-US: hp system_management_homepage
 CVE-2010-3285 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
-	TODO: check
+	NOT-FOR-US: hp openview_network_node_manager
 CVE-2010-3286
 	RESERVED
 CVE-2010-3287
@@ -92248,7 +92248,7 @@ CVE-2010-3292
 CVE-2010-3293
 	RESERVED
 CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Alternative ...)
-	TODO: check
+	NOT-FOR-US: pecl php alternative_php_cache
 CVE-2010-3295
 	RESERVED
 CVE-2010-3296 (The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in ...)
@@ -92272,7 +92272,7 @@ CVE-2010-3304 (The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX AC
 CVE-2010-3305
 	RESERVED
 CVE-2010-3306 (Directory traversal vulnerability in the modURL function in instance.c ...)
-	TODO: check
+	NOT-FOR-US: salvo_g _tomaselli weborf
 CVE-2010-3307
 	RESERVED
 CVE-2010-3308
@@ -92477,13 +92477,13 @@ CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function i
 	NOT-FOR-US: ibm lotus_domino
 CVE-2010-3408
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-3409
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-3410
 	REJECTED
-	TODO: check
+	NOT-FOR-US: this
 CVE-2010-3411 (Google Chrome before 6.0.472.59 on Linux does not properly handle ...)
 	TODO: check
 CVE-2010-3412 (Race condition in the console implementation in Google Chrome before ...)
@@ -92599,7 +92599,7 @@ CVE-2010-3466 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
 CVE-2010-3467 (SQL injection vulnerability in modules/sections/index.php in ...)
 	NOT-FOR-US: e xoopport samsara
 CVE-2010-3468 (Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 ...)
-	TODO: check
+	NOT-FOR-US: Mura CMS
 CVE-2010-3469
 	RESERVED
 CVE-2010-3470 (Multiple cross-site scripting (XSS) vulnerabilities in the Workplace ...)
@@ -92643,7 +92643,7 @@ CVE-2010-3488 (Directory traversal vulnerability in QuickShare 1.0 allows remote
 CVE-2010-3489 (Cross-site scripting (XSS) vulnerability in ...)
 	NOT-FOR-US: digitalworkroom cms_digital_workroom
 CVE-2010-3490 (Directory traversal vulnerability in page.recordings.php in the System ...)
-	TODO: check
+	NOT-FOR-US: freepbx
 CVE-2010-3491
 	RESERVED
 CVE-2010-3492
@@ -92865,21 +92865,21 @@ CVE-2010-3599
 CVE-2010-3600
 	RESERVED
 CVE-2010-3601 (SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows ...)
-	TODO: check
+	NOT-FOR-US: invisionpower ibphotohost
 CVE-2010-3602 (Cross-site scripting (XSS) vulnerability in ProfileView.aspx in ...)
-	TODO: check
+	NOT-FOR-US: sourcetreesolutions mojoportal
 CVE-2010-3603 (Cross-site request forgery (CSRF) vulnerability in the file manager ...)
-	TODO: check
+	NOT-FOR-US: sourcetreesolutions mojoportal
 CVE-2010-3604 (SQL injection vulnerability in the powermail extension 1.5.3 and ...)
-	TODO: check
+	NOT-FOR-US: alex_kellner powermail
 CVE-2010-3605 (Cross-site scripting (XSS) vulnerability in the powermail extension ...)
-	TODO: check
+	NOT-FOR-US: alex_kellner powermail
 CVE-2010-3606 (Multiple directory traversal vulnerabilities in AGENTS/index.php in ...)
-	TODO: check
+	NOT-FOR-US: netartmedia real_estate_portal
 CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...)
-	TODO: check
+	NOT-FOR-US: netartmedia real_estate_portal
 CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...)
-	TODO: check
+	NOT-FOR-US: wire_plastic_design wpquiz
 CVE-2010-3609
 	RESERVED
 CVE-2010-3610
@@ -93031,15 +93031,15 @@ CVE-2010-3682
 CVE-2010-3683
 	RESERVED
 CVE-2010-3684 (The FTP authentication module in Synology Disk Station 2.x logs ...)
-	TODO: check
+	NOT-FOR-US: Synology Disk Station
 CVE-2010-3685 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
 	TODO: check
 CVE-2010-3686 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...)
 	TODO: check
 CVE-2010-3687 (Unspecified vulnerability in the powermail extension 1.5.3 and earlier ...)
-	TODO: check
+	NOT-FOR-US: powermail extension
 CVE-2010-3688 (Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA ...)
-	TODO: check
+	NOT-FOR-US: websiteadmin
 CVE-2010-3689
 	RESERVED
 CVE-2010-3690
author	Stefan Behte <craig@gentoo.org>	2010-10-01 20:29:21 +0000
committer	Stefan Behte <craig@gentoo.org>	2010-10-01 20:29:21 +0000
commit	15c623060a363150f7a14fe4d8485c752ecea403 (patch)
tree	04331d4a35781d383941ae125f18f74033547d0b
parent	MITRE sync (diff)
download	security-15c623060a363150f7a14fe4d8485c752ecea403.tar.gz security-15c623060a363150f7a14fe4d8485c752ecea403.tar.bz2 security-15c623060a363150f7a14fe4d8485c752ecea403.zip