[Secure-testing-commits] r11556 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Fri Apr 3 21:32:11 UTC 2009
Author: jmm-guest
Date: 2009-04-03 21:32:10 +0000 (Fri, 03 Apr 2009)
New Revision: 11556
Modified:
data/CVE/list
Log:
NFUs
xul non-issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-03 21:14:12 UTC (rev 11555)
+++ data/CVE/list 2009-04-03 21:32:10 UTC (rev 11556)
@@ -1,45 +1,46 @@
CVE-2009-1238 (Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2009-1237 (Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2009-1236 (Heap-based buffer overflow in the AppleTalk networking stack in XNU ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2009-1235 (XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2009-1234 (Opera 9.64 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-1233 (Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Safari on Windows
CVE-2009-1232 (The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions ...)
- TODO: check
+ - xulrunner <unfixed> (unimportant)
+ NOTE: Browser crashes not treated as security issues
CVE-2009-1231 (Unspecified vulnerability in the eClient in IBM DB2 Content Manager ...)
- TODO: check
+ NOT-FOR-US: DB2
CVE-2009-1230 (Static code injection vulnerability in index.php in Podcast Generator ...)
- TODO: check
+ NOT-FOR-US: Podcast Generator
CVE-2009-1229 (SQL injection vulnerability in Arcadwy Arcade Script allows remote ...)
- TODO: check
+ NOT-FOR-US: Arcadwy Arcade Script
CVE-2009-1228 (Cross-site scripting (XSS) vulnerability in register.php in Arcadwy ...)
- TODO: check
+ NOT-FOR-US: Arcadwy Arcade Script
CVE-2009-1227 (Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI ...)
- TODO: check
+ NOT-FOR-US: Check Point
CVE-2009-1226 (core/admin/delete.php in Podcast Generator 1.1 and earlier does not ...)
- TODO: check
+ NOT-FOR-US: Podcast Generator
CVE-2009-1225 (Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook ...)
- TODO: check
+ NOT-FOR-US: Turnkey Ebook Store
CVE-2009-1224 (SQL injection vulnerability in ...)
- TODO: check
+ NOT-FOR-US: vsp stats processor
CVE-2009-1223 (aspWebCalendar Free Edition stores sensitive information under the web ...)
- TODO: check
+ NOT-FOR-US: aspWebCalendar Free Edition
CVE-2009-1222 (Directory traversal vulnerability in index.php in webEdition 6.0.0.4 ...)
- TODO: check
+ NOT-FOR-US: webEdition
CVE-2008-6582 (SQL injection vulnerability in index.php in Miniweb 2.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Miniweb
CVE-2008-6581 (login.php in PhpAddEdit 1.3 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: PhpAddEdit
CVE-2008-6580 (The Red_Reservations script for ColdFusion stores sensitive ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2003-1571 (Web Wiz Guestbook 6.0 stores sensitive information under the web root ...)
- TODO: check
+ NOT-FOR-US: Web Wiz Guestbook
CVE-2009-XXXX [unspecified DoS]
- libapache-mod-security 2.5.9-1
TODO: Investigate, check stable/oldstable, if necessary open RT ticket
More information about the Secure-testing-commits
mailing list