[Secure-testing-commits] r12134 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Tue Jun 16 06:27:16 UTC 2009 

Author: derevko-guest
Date: 2009-06-16 06:27:14 +0000 (Tue, 16 Jun 2009)
New Revision: 12134

Modified:
   data/CVE/list
Log:
- NFUs
- New xulrunner and libpng issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-15 21:14:13 UTC (rev 12133)
+++ data/CVE/list	2009-06-16 06:27:14 UTC (rev 12134)
@@ -23,31 +23,33 @@
 CVE-2009-2045
 	RESERVED
 CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...)
-	TODO: check
+	- xulrunner <unfixed> (low)
+	TODO: check when MFSA is issued
 CVE-2009-2043 (nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows ...)
-	TODO: check
+	TODO: check when MFSA is issued
+	- xulrunner <unfixed> (low)
 CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...)
-	TODO: check
+	- libpng 1.2.37-1 (low)
 CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...)
-	TODO: check
+	NOT-FOR-US: activeCollab
 CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...)
-	TODO: check
+	NOT-FOR-US: Grestul
 CVE-2009-2039 (Unspecified vulnerability in the Luottokunta module before 1.3 for ...)
-	TODO: check
+	NOT-FOR-US: Luottokunta module for osCommerce
 CVE-2009-2038 (Unspecified vulnerability in the Finnish Bank Payment module 2.2 for ...)
-	TODO: check
+	NOT-FOR-US: Finnish Bank Payment module 2.2 for osCommerce
 CVE-2009-2037 (Multiple directory traversal vulnerabilities in Online Grades &amp; ...)
-	TODO: check
+	NOT-FOR-US: Online Grades
 CVE-2009-2036 (SQL injection vulnerability in index.php in Open Biller 0.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Open Biller 
 CVE-2009-2035 (Unspecified vulnerability in Services 6.x before 6.x-0.14, a module ...)
 	TODO: check
 CVE-2009-2034 (SQL injection vulnerability in writemessage.php in Yogurt 0.3, when ...)
-	TODO: check
+	NOT-FOR-US: Yogurt
 CVE-2009-2033 (Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 ...)
-	TODO: check
+	NOT-FOR-US: Yogurt
 CVE-2009-2032 (Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, ...)
-	TODO: check
+	NOT-FOR-US: PDshopPro
 CVE-2009-XXXX [git-daemon Parameter Parsing Infinite Loop Denial of Service]
 	- git-core <unfixed> (medium; bug #532935)
 	[etch] - git-core <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list