"new" thttpd issue

NFUs

3 files changed, 9 insertions, 9 deletions

diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index fb3b5cee72..ced826a602 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -15663,7 +15663,7 @@ CVE-2007-0159 (Directory traversal vulnerability in the GeoIP_update_database_ge
 	- geoip 1.3.17-1.1 (bug #406628; low)
 	[sarge] - geoip <no-dsa> (Minor issue)
 CVE-2007-0158 (thttpd 2007 has buffer underflow. ...)
-	TODO: check
+	- thttpd <removed>
 CVE-2007-0157 (Array index error in the uri_lookup function in the URI parser for neo ...)
 	- neon26 0.26.2-3.1 (medium; bug #404723)
 	NOTE: neon25 doesn't have the uri_lookup macro
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 898395cd56..d0b058a553 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -2980,7 +2980,7 @@ CVE-2012-5560 (The default configuration in mate-settings-daemon 1.5.3 allows lo
 CVE-2012-5559 (Cross-site scripting (XSS) vulnerability in the page manager node view ...)
 	NOT-FOR-US: Drupal chaos tool addon
 CVE-2012-5558 (Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x  ...)
-	TODO: check
+	NOT-FOR-US: Drupal contributed-module
 CVE-2012-5557 (The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7. ...)
 	NOT-FOR-US: Drupal contributed-module
 CVE-2012-5556 (Multiple cross-site request forgery (CSRF) vulnerabilities in the REST ...)
@@ -13392,13 +13392,13 @@ CVE-2012-1262 (Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.
 	{DSA-2423-1}
 	- movabletype-opensource 5.1.3+dfsg-1
 CVE-2012-1261 (Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusion ...)
-	TODO: check
+	NOT-FOR-US: Plixer
 CVE-2012-1260 (Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in P ...)
-	TODO: check
+	NOT-FOR-US: Plixer
 CVE-2012-1259 (Multiple SQL injection vulnerabilities in Plixer International Scrutin ...)
-	TODO: check
+	NOT-FOR-US: Plixer
 CVE-2012-1258 (cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow &amp ...)
-	TODO: check
+	NOT-FOR-US: Plixer
 CVE-2012-1257 (Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ...)
 	- pidgin <unfixed> (unimportant)
 	NOTE: Negligible local information disclosure
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index f2a7aa819e..ede5d32c8e 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -1339,7 +1339,7 @@ CVE-2014-9910 (An elevation of privilege vulnerability in the Broadcom Wi-Fi dri
 CVE-2014-9909 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver c ...)
 	NOT-FOR-US: Android Broadcom driver
 CVE-2014-9908 (A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0. ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2014-9907 (coders/dds.c in ImageMagick allows remote attackers to cause a denial  ...)
 	{DSA-3652-1 DLA-731-1}
 	- imagemagick 8:6.9.6.2+dfsg-2 (bug #832942)
@@ -8795,7 +8795,7 @@ CVE-2014-7259 (SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for
 CVE-2014-7258 (Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 a ...)
 	NOT-FOR-US: KENT-WEB CLip Board
 CVE-2014-7257 (SQL injection vulnerability in DBD::PgPP 0.05 and earlier ...)
-	TODO: check
+	NOT-FOR-US: DBD::PgPP
 CVE-2014-7256 (The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Int ...)
 	NOT-FOR-US: SEIL Routers
 CVE-2014-7255 (Internet Initiative Japan Inc. SEIL Series routers SEIL/X1 2.50 throug ...)
@@ -18768,7 +18768,7 @@ CVE-2014-3213
 CVE-2014-3212
 	RESERVED
 CVE-2014-3211 (Publify before 8.0.1 is vulnerable to a Denial of Service attack ...)
-	TODO: check
+	NOT-FOR-US: Publify
 CVE-2014-3210 (SQL injection vulnerability in dopbs-backend-forms.php in the Booking  ...)
 	NOT-FOR-US: WordPress plugin Booking System
 CVE-2014-3208