[Secure-testing-commits] r13083 - data/CVE
Kees Cook
kees at alioth.debian.org
Sat Oct 24 04:14:52 UTC 2009
Author: kees
Date: 2009-10-24 04:14:44 +0000 (Sat, 24 Oct 2009)
New Revision: 13083
Modified:
data/CVE/list
Log:
NFUs: 56
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-24 00:19:42 UTC (rev 13082)
+++ data/CVE/list 2009-10-24 04:14:44 UTC (rev 13083)
@@ -1,37 +1,37 @@
CVE-2009-3760 (Static code injection vulnerability in config/writeconfig.php in the ...)
- TODO: check
+ NOT-FOR-US: Citrix XenCenterWeb
CVE-2009-3759 (Multiple cross-site request forgery (CSRF) vulnerabilities in sample ...)
- TODO: check
+ NOT-FOR-US: Citrix XenCenterWeb
CVE-2009-3758 (SQL injection vulnerability in login.php in sample code in the ...)
- TODO: check
+ NOT-FOR-US: Citrix XenCenterWeb
CVE-2009-3757 (Multiple cross-site scripting (XSS) vulnerabilities in sample code in ...)
- TODO: check
+ NOT-FOR-US: Citrix XenCenterWeb
CVE-2009-3756 (phpBMS 0.96 allows remote attackers to obtain sensitive information ...)
- TODO: check
+ NOT-FOR-US: phpBMS
CVE-2009-3755 (Multiple cross-site scripting (XSS) vulnerabilities in phpBMS 0.96 ...)
- TODO: check
+ NOT-FOR-US: phpBMS
CVE-2009-3754 (Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote ...)
- TODO: check
+ NOT-FOR-US: phpBMS
CVE-2009-3753 (Unrestricted file upload vulnerability in Opial 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Opial
CVE-2009-3752 (SQL injection vulnerability in home.php in Opial 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Opial
CVE-2009-3751 (Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 ...)
- TODO: check
+ NOT-FOR-US: Opial
CVE-2009-3750 (SQL injection vulnerability in read.php in ToyLog 0.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: ToyLog
CVE-2009-3749 (The Web Administrator service (STEMWADM.EXE) in Websense Personal ...)
- TODO: check
+ NOT-FOR-US: Websense Personal Email Manager
CVE-2009-3748 (Multiple cross-site scripting (XSS) vulnerabilities in the Web ...)
- TODO: check
+ NOT-FOR-US: Websense Personal Email Manager
CVE-2009-3747 (Cross-site scripting (XSS) vulnerability in index.php in TBmnetCMS 1.0 ...)
- TODO: check
+ NOT-FOR-US: TBmnetCMS
CVE-2009-3746 (XScreenSaver in Sun Solaris 10, when the accessibility feature is ...)
- TODO: check
+ NOT-FOR-US: XScreenSaver in Sun Solaris 10
CVE-2009-3745 (Cross-site scripting (XSS) vulnerability in the help pages in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Rational AppScan Enterprise Edition
CVE-2009-3744 (rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote ...)
- TODO: check
+ NOT-FOR-US: EMC RepliStor
CVE-2009-3743
RESERVED
CVE-2009-3742
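Review bot: CVE-2009-3746 is marked "NOT-FOR-US: XScreenSaver in Sun Solaris 10", but xscreensaver is a source package in Debian, so an NFU keeps this CVE out of that package's view in the tracker. If triage concluded the flaw is specific to Sun's build, record it against the package instead, as "- xscreensaver <not-affected>" with the reason in parentheses, in the style of the merkaartor and linux-2.6 entries elsewhere in this file. The other sixteen entries in this hunk name products that are clearly outside the archive.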
@@ -821,41 +821,41 @@
CVE-2009-3410
RESERVED
CVE-2009-3409 (Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-3408 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3407 (Unspecified vulnerability in the Portal component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Application Server
CVE-2009-3406 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-3405 (Unspecified vulnerability in the JD Edwards Tools component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-3404 (Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise ...)
- TODO: check
+ NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-3403 (Unspecified vulnerability in the JRockit component in BEA Product ...)
- TODO: check
+ NOT-FOR-US: BEA Product Suite
CVE-2009-3402 (Unspecified vulnerability in the Oracle Applications Framework ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3401 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3400 (Unspecified vulnerability in the Oracle Advanced Benefits component in ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3399 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA Product Suite
CVE-2009-3398
RESERVED
CVE-2009-3397 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3396 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA Product Suite
CVE-2009-3395 (Unspecified vulnerability in the AutoVue component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3394
RESERVED
CVE-2009-3393 (Unspecified vulnerability in the Oracle Application Object Library ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-3392 (Unspecified vulnerability in the Agile Engineering Data Management ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2009-XXXX [merkaartor merkaartor.log minor symlink attack]
- merkaartor 0.14+svnfixes~20090912-2 (unimportant; bug #548546)
[lenny] - merkaartor <not-affected> (vulnerable code not present)
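Review bot: The labels on CVE-2009-3406 and CVE-2009-3405 read "Oracle PeopleSoft Enterprise" while the visible description names the JD Edwards Tools component, and CVE-2009-3395 (AutoVue) and CVE-2009-3392 (Agile Engineering Data Management) are both filed as "Oracle E-Business Suite". The descriptions are truncated here, so the suite cannot be confirmed from this diff. Check each label against the full CVE text and, where the suite name differs from the component, include the component name so a search for "JD Edwards" or "AutoVue" in the NFU lines finds these entries.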
@@ -5280,31 +5280,31 @@
CVE-2009-2003 (Ascad Networks Password Protector SD 1.3.1 allows remote attackers to ...)
NOT-FOR-US: Ascad Networks Password Protector
CVE-2009-2002 (Unspecified vulnerability in the WebLogic Portal component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA Product Suite
CVE-2009-2001 (Unspecified vulnerability in the PL/SQL component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-2000 (Unspecified vulnerability in the Authentication component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1999 (Unspecified vulnerability in the Business Intelligence Enterprise ...)
- TODO: check
+ NOT-FOR-US: Oracle Application Server
CVE-2009-1998 (Unspecified vulnerability in the Oracle Communications Order and ...)
- TODO: check
+ NOT-FOR-US: Oracle Industry Applications
CVE-2009-1997 (Unspecified vulnerability in the Authentication component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1996
RESERVED
CVE-2009-1995 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1994 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1993 (Unspecified vulnerability in the Application Express component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1992 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1991 (Unspecified vulnerability in the Oracle Text component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1990 (Unspecified vulnerability in the Business Intelligence Enterprise ...)
- TODO: check
+ NOT-FOR-US: Oracle Application Server
CVE-2009-1989 (Unspecified vulnerability in the PeopleSoft Enterprise FMS component ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2009-1988 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile ...)
@@ -5314,7 +5314,7 @@
CVE-2009-1986 (Unspecified vulnerability in the Oracle Applications Manager component ...)
NOT-FOR-US: Oracle Applications Manager
CVE-2009-1985 (Unspecified vulnerability in the Network Authentication component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1984 (Unspecified vulnerability in the Application Install component in ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2009-1983 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
@@ -5326,7 +5326,7 @@
CVE-2009-1980 (Unspecified vulnerability in the Oracle Application Object Library ...)
NOT-FOR-US: Oracle E-Business Suite
CVE-2009-1979 (Unspecified vulnerability in the Network Authentication component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1978 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
NOT-FOR-US: Oracle Secure Backup
CVE-2009-1977 (Unspecified vulnerability in the Oracle Secure Backup component in ...)
@@ -5340,9 +5340,9 @@
CVE-2009-1973 (Unspecified vulnerability in the Virtual Private Database component in ...)
NOT-FOR-US: Oracle Database
CVE-2009-1972 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1971 (Unspecified vulnerability in the Data Pump component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1970 (Unspecified vulnerability in the Listener component in Oracle Database ...)
NOT-FOR-US: Oracle Database
CVE-2009-1969 (Unspecified vulnerability in the Auditing component in Oracle Database ...)
@@ -5354,9 +5354,9 @@
CVE-2009-1966 (Unspecified vulnerability in the Config Management component in (1) ...)
NOT-FOR-US: Oracle Database
CVE-2009-1965 (Unspecified vulnerability in the Net Foundation Layer component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1964 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1963 (Unspecified vulnerability in the Network Foundation component in ...)
NOT-FOR-US: Oracle Database
CVE-2008-6832 (Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA ...)
@@ -6755,7 +6755,7 @@
CVE-2009-1480 (SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows ...)
NOT-FOR-US: Pragyan CMS
CVE-2009-1479 (Directory traversal vulnerability in client/desktop/default.htm in ...)
- TODO: check
+ NOT-FOR-US: Boxalino
CVE-2009-1478 (Multiple unspecified vulnerabilities in the DTrace ioctl handlers in ...)
NOT-FOR-US: Solaris
CVE-2008-6774 (internettoolbar/edit.php in YourPlace 1.0.2 and earlier does not end ...)
@@ -8600,7 +8600,7 @@
CVE-2009-1019 (Unspecified vulnerability in the Network Authentication component in ...)
NOT-FOR-US: Oracle Database
CVE-2009-1018 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1017 (Unspecified vulnerability in the BI Publisher component in Oracle ...)
NOT-FOR-US: Oracle Application Server
CVE-2009-1016 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
@@ -8622,7 +8622,7 @@
CVE-2009-1008 (Unspecified vulnerability in the Outside In Technology component in ...)
NOT-FOR-US: Oracle Application Server
CVE-2009-1007 (Unspecified vulnerability in the Data Mining component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2009-1006 (Unspecified vulnerability in the JRockit component in BEA Product ...)
NOT-FOR-US: BEA Product Suite
CVE-2009-1005 (Unspecified vulnerability in the Oracle Data Service Integrator ...)
@@ -17868,9 +17868,9 @@
- linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.26)
CVE-2008-3685 (Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent ...)
- TODO: check
+ NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
CVE-2008-3684 (Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service ...)
- TODO: check
+ NOT-FOR-US: EMC Documentum ApplicationXtender Workflow
CVE-2008-3683 (Unspecified vulnerability in the FTP subsystem in Sun Java System Web ...)
NOT-FOR-US: Sun Java System Web Proxy Server
CVE-2008-3682 (SQL injection vulnerability in dpage.php in YPN PHP Realty allows ...)