[Secure-testing-commits] r13628 - data/CVE
Steffen Joeris
white at alioth.debian.org
Wed Dec 23 09:08:55 UTC 2009
Author: white
Date: 2009-12-23 09:08:55 +0000 (Wed, 23 Dec 2009)
New Revision: 13628
Modified:
data/CVE/list
Log:
Some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-12-23 07:08:58 UTC (rev 13627)
+++ data/CVE/list 2009-12-23 09:08:55 UTC (rev 13628)
@@ -65,13 +65,13 @@
CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA ...)
TODO: check
CVE-2009-4375 (SQL injection vulnerability in repository/repository_attachment.php in ...)
- TODO: check
+ NOT-FOR-US: AlienVault Open Source Security Information Management
CVE-2009-4374 (Directory traversal vulnerability in ...)
- TODO: check
+ NOT-FOR-US: AlienVault Open Source Security Information Management
CVE-2009-4373 (Unrestricted file upload vulnerability in ...)
- TODO: check
+ NOT-FOR-US: AlienVault Open Source Security Information Management
CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...)
- TODO: check
+ NOT-FOR-US: AlienVault Open Source Security Information Management
CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...)
TODO: check
CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...)
@@ -79,49 +79,49 @@
CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...)
TODO: check
CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") ...)
- TODO: check
+ NOT-FOR-US: Sitecore Staging Module
CVE-2009-4366 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
- TODO: check
+ NOT-FOR-US: ScriptsEz Ez Blog
CVE-2009-4365 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: ScriptsEz Ez Blog
CVE-2009-4364 (Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez ...)
- TODO: check
+ NOT-FOR-US: ScriptsEz Ez Blog
CVE-2009-4363 (Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application ...)
TODO: check
CVE-2009-4362 (Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2009-4361 (Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users ...)
- TODO: check
+ NOT-FOR-US: IBM AIX
CVE-2009-4360 (SQL injection vulnerability in modules/content/index.php in the ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2009-4359 (Cross-site scripting (XSS) vulnerability in folder.php in the ...)
- TODO: check
+ NOT-FOR-US: XOOPS
CVE-2009-4358 (freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure ...)
- TODO: check
+ NOT-FOR-US: freebsd-update
CVE-2009-4357 (CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 ...)
- TODO: check
+ NOT-FOR-US: IBM Rational ClearQuest
CVE-2009-4356 (Multiple integer overflows in the jpeg.w5s and png.w5s filters in ...)
- TODO: check
+ NOT-FOR-US: Winamp
CVE-2009-4355
RESERVED
CVE-2009-4354 (TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not ...)
- TODO: check
+ NOT-FOR-US: TransWARE Active
CVE-2009-4353 (The Mobile Edition of TransWARE Active! mail 2003 build 2003.0139.0871 ...)
- TODO: check
+ NOT-FOR-US: TransWARE Active
CVE-2009-4352 (Multiple cross-site scripting (XSS) vulnerabilities in TransWARE ...)
- TODO: check
+ NOT-FOR-US: TransWARE Active
CVE-2009-4351 (SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, ...)
- TODO: check
+ NOT-FOR-US: WSCreator
CVE-2009-4350 (SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 ...)
- TODO: check
+ NOT-FOR-US: Arctic Issue Tracker
CVE-2009-4349 (Cross-site request forgery (CSRF) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Link Up Gold
CVE-2009-4348 (Cross-site scripting (XSS) vulnerability in index.php in Harold ...)
- TODO: check
+ NOT-FOR-US: Harold Bakker's NewsScript
CVE-2009-4347 (Cross-site scripting (XSS) vulnerability in daloradius-users/login.php ...)
- TODO: check
+ NOT-FOR-US: daloRADIUS
CVE-2009-4346 (Cross-site scripting (XSS) vulnerability in the Frontend news ...)
TODO: check
CVE-2009-4345 (Cross-site scripting (XSS) vulnerability in the vShoutbox (vshoutbox) ...)
@@ -145,27 +145,27 @@
CVE-2009-4336 (Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth ...)
TODO: check
CVE-2009-4335 (Multiple unspecified vulnerabilities in bundled stored procedures in ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4334 (The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4333 (The Relational Data Services component in IBM DB2 9.5 before FP5 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4332 (db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4331 (The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4330 (Unspecified vulnerability in db2licm in the Engine Utilities component ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4329 (Unspecified vulnerability in the Engine Utilities component in IBM DB2 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4328 (Unspecified vulnerability in the DRDA Services component in IBM DB2 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4327 (The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4326 (The RAND scalar function in the Common Code Infrastructure component ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-4325 (The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2009-XXXX [apache2: potential disclosure of private php files]
- apache2 <unfixed> (low; bug #562006)
CVE-2009-XXXX [Wireshark: Daintree SNA buffer overflow]
More information about the Secure-testing-commits
mailing list