[Secure-testing-commits] r12651 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Fri Aug 21 07:50:25 UTC 2009
Author: derevko-guest
Date: 2009-08-21 07:50:25 +0000 (Fri, 21 Aug 2009)
New Revision: 12651
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-20 21:14:17 UTC (rev 12650)
+++ data/CVE/list 2009-08-21 07:50:25 UTC (rev 12651)
@@ -39,13 +39,13 @@
CVE-2009-2861
RESERVED
CVE-2009-2860 (Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows ...)
- TODO: check
+ NOT-FOR-US: db2jds in IBM DB2
CVE-2009-2859 (IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-2858 (Memory leak in the Security component in IBM DB2 8.1 before FP18 on ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-2857 (The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before ...)
- TODO: check
+ NOT-FOR-US: kernel in Sun Solaris
CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding ...)
NOT-FOR-US: Sun Virtual Desktop Infrastructure
CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...)
@@ -62,7 +62,7 @@
NOT-FOR-US: NASA Common Data Format
CVE-2009-2845
REJECTED
- TODO: check
+ NOT-FOR-US: duplicate of CVE-2009-2768
CVE-2008-7015 (Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel ...)
NOT-FOR-US: Unreal Tournament
CVE-2008-7014 (fhttpd 0.4.2 allows remote attackers to cause a denial of service ...)
@@ -235,15 +235,15 @@
CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...)
NOT-FOR-US: AJ Matrix DNA
CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...)
- TODO: check
+ NOT-FOR-US: The Rat CMS
CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...)
TODO: check
CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...)
- TODO: check
+ NOT-FOR-US: Creative Mind Creator CMS
CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...)
TODO: check
CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote ...)
- TODO: check
+ NOT-FOR-US: phpAuction
CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in ...)
TODO: check
CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to ...)
@@ -259,35 +259,35 @@
CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, ...)
NOT-FOR-US: GreenSQL Firewall
CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens CMSbright ...)
- TODO: check
+ NOT-FOR-US: CMSbright
CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
- TODO: check
+ NOT-FOR-US: Easy Photo Gallery
CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...)
- TODO: check
+ NOT-FOR-US: Easy Photo Gallery
CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo ...)
- TODO: check
+ NOT-FOR-US: Easy Photo Gallery
CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating Website ...)
- TODO: check
+ NOT-FOR-US: eZoneScripts Dating Website script
CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct function ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2008-6985 (Multiple SQL injection vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Zen Cart
CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, ...)
- TODO: check
+ NOT-FOR-US: Plesk
CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: devalcms
CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a ...)
- TODO: check
+ NOT-FOR-US: devalcms
CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: phpAdultSite CMS
CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite CMS, ...)
- TODO: check
+ NOT-FOR-US: phpAdultSite CMS
CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in ...)
- TODO: check
+ NOT-FOR-US: phpAdultSite CMS
CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution aspWebAlbum ...)
- TODO: check
+ NOT-FOR-US: aspWebAlbum
CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full ...)
- TODO: check
+ NOT-FOR-US: aspWebAlbum
CVE-2008-6976 (MicroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows ...)
NOT-FOR-US: MicroTik RouterOS
CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in ...)
@@ -413,7 +413,7 @@
CVE-2009-2741
RESERVED
CVE-2009-2740 (kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention ...)
- TODO: check
+ NOT-FOR-US: CA Host-Based Intrusion Prevention System (HIPS)
CVE-2009-2739 (Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 ...)
NOT-FOR-US: FreeNAS
CVE-2009-2738 (Cross-site request forgery (CSRF) vulnerability in the WebGUI in ...)
@@ -948,7 +948,7 @@
CVE-2009-2628
RESERVED
CVE-2009-2627 (The Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in ...)
- TODO: check
+ NOT-FOR-US: Acer LunchApp
CVE-2009-2626
RESERVED
CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in ...)
@@ -2464,7 +2464,7 @@
CVE-2009-2056
RESERVED
CVE-2009-2055 (Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Cisco IOS
CVE-2009-2054
RESERVED
CVE-2009-2053
@@ -7126,7 +7126,7 @@
CVE-2009-0683
RESERVED
CVE-2009-0682 (vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before ...)
- TODO: check
+ NOT-FOR-US: CA Internet Security Suite
CVE-2009-0681 (PGP Desktop before 9.10 allows local users to (1) cause a denial of ...)
NOT-FOR-US: PGP Desktop
CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows ...)
More information about the Secure-testing-commits
mailing list