[Secure-testing-commits] r13528 - data/CVE

Kees Cook kees at alioth.debian.org
Sat Dec 12 20:19:02 UTC 2009 

Author: kees
Date: 2009-12-12 20:19:02 +0000 (Sat, 12 Dec 2009)
New Revision: 13528

Modified:
   data/CVE/list
Log:
NFUs: 30

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-12 20:12:13 UTC (rev 13527)
+++ data/CVE/list	2009-12-12 20:19:02 UTC (rev 13528)
@@ -1,3 +1,23 @@
+CVE-2009-4296
+	NOT-FOR-US: Taxonomy Timer module for Drupal
+CVE-2009-4295
+	NOT-FOR-US: Sun Ray Server Software
+CVE-2009-4294
+	NOT-FOR-US: Sun Ray Server Software
+CVE-2009-4293
+	NOT-FOR-US: Internet Initiative Japan
+CVE-2009-4292
+	NOT-FOR-US: Internet Initiative Japan
+CVE-2009-4266
+	NOT-FOR-US: YABSoft Advanced Image Hosting (AIH) Script
+CVE-2009-4265
+	NOT-FOR-US: Ideal Administration
+CVE-2009-4264
+	NOT-FOR-US: AROUNDMe
+CVE-2009-4263
+	NOT-FOR-US: PTCPay
+CVE-2009-4262
+	NOT-FOR-US: Harold Bakker's Newscript HB-NS
 CVE-2009-XXXX [php-net-ping argument injection]
 	- php-net-ping 2.4.2-1.1 (medium)
 	[etch] - php-net-ping 2.4.2-1+etch1
@@ -90,9 +110,9 @@
 CVE-2009-4239 (Cross-site scripting (XSS) vulnerability in the Web console in IBM ...)
 	NOT-FOR-US: IBM InfoSphere Information Server
 CVE-2009-4238
-	RESERVED
+	NOT-FOR-US: TestLink
 CVE-2009-4237
-	RESERVED
+	NOT-FOR-US: TestLink
 CVE-2009-4236 (The process function in ...)
 	NOT-FOR-US: EC-CUBE
 CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users ...)
@@ -209,17 +229,17 @@
 CVE-2009-4182
 	RESERVED
 CVE-2009-4181
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4180
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4179
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4178
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4177
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4176
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-4175 (CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote ...)
 	NOT-FOR-US: CuteNews
 CVE-2009-4174 (The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews ...)
@@ -313,7 +333,7 @@
 CVE-2009-4133
 	RESERVED
 CVE-2009-4132
-	RESERVED
+	NOT-FOR-US: ** REJECT **
 CVE-2009-4131 [linux-2.6: ext4 move extents issue]
 	RESERVED
 	- linux-2.6 <unfixed> (medium)
@@ -772,7 +792,7 @@
 CVE-2009-3952
 	RESERVED
 CVE-2009-3951
-	RESERVED
+	NOT-FOR-US: ActiveX
 CVE-2009-3950 (Multiple cross-site scripting (XSS) vulnerabilities in Bractus ...)
 	NOT-FOR-US: Bractus SunTrack
 CVE-2009-3949 (cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not ...)
@@ -876,11 +896,11 @@
 	- gimp 2.6.7-1.1 (medium; bug #556750)
 	NOTE: http://secunia.com/secunia_research/2009-43/
 CVE-2009-3908
-	RESERVED
+	NOT-FOR-US: ** REJECT **
 CVE-2009-3907
-	RESERVED
+	NOT-FOR-US: ** REJECT **
 CVE-2009-3906
-	RESERVED
+	NOT-FOR-US: ** REJECT **
 CVE-2009-3905 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier CMS ...)
 	NOT-FOR-US: e-Courier CMS
 CVE-2009-3904 (classes/session/cc_admin_session.php in CubeCart 4.3.4 does not ...)
@@ -1040,15 +1060,15 @@
 	NOTE: a malicious .blend file.  by design, blend files support
 	NOTE: all python operations, so ultimately any code can be executed
 CVE-2009-3849
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-3848
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-3847
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-3846
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-3845
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-3844 (Unspecified vulnerability in HP OpenView Data Protector Application ...)
 	NOT-FOR-US: HP OpenView Data Protector Application
 CVE-2009-3843 (HP Operations Manager 8.10 on Windows contains a &quot;hidden account&quot; in ...)
@@ -3534,7 +3554,7 @@
 CVE-2009-3028
 	RESERVED
 CVE-2009-3027
-	RESERVED
+	NOT-FOR-US: Symantec Backup Exec Continuous Protection Server
 CVE-2009-3025 (Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to ...)
 	- pidgin 2.6.1-1 (low)
 	[lenny] - pidgin <not-affected> (Vulnerable code introduced in 2.6.0)
@@ -10477,7 +10497,7 @@
 CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0898
-	RESERVED
+	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0896 (Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before ...)

More information about the Secure-testing-commits mailing list