[Secure-testing-commits] r12730 - data/CVE

James Strandboge jamie-guest at alioth.debian.org
Tue Sep 1 23:08:31 UTC 2009


Author: jamie-guest
Date: 2009-09-01 23:08:31 +0000 (Tue, 01 Sep 2009)
New Revision: 12730

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-01 21:14:17 UTC (rev 12729)
+++ data/CVE/list	2009-09-01 23:08:31 UTC (rev 12730)
@@ -1,3 +1,49 @@
+CVE-2009-3038
+	NOT-FOR-US: ActiveX
+CVE-2009-3037
+	NOT-FOR-US: Autonomy KeyView XLS viewer
+CVE-2008-7152
+	NOT-FOR-US: Specimen Image Database
+CVE-2008-7151
+	NOT-FOR-US: Live third-party Drupal module
+CVE-2008-7150
+	NOT-FOR-US: Refine by Taxonomy
+CVE-2008-7149
+	NOT-FOR-US: AgileWiki
+CVE-2008-7148
+	NOT-FOR-US: Synfig Animation Studio
+CVE-2008-7147
+	NOT-FOR-US: IntraLearn Software IntraLearn
+CVE-2008-7146
+	NOT-FOR-US: IntraLearn Software IntraLearn
+CVE-2008-7145
+	NOT-FOR-US: CoronaMatrix phpAddressBook
+CVE-2008-7144
+	NOT-FOR-US: RARLAB WinRAR
+CVE-2008-7143
+	NOT-FOR-US: phpBB 2
+CVE-2008-7142
+	NOT-FOR-US: cPanel
+CVE-2008-7141
+	NOT-FOR-US: @lex Poll
+CVE-2008-7140
+	NOT-FOR-US: @lex Guestbook
+CVE-2008-7139
+	NOT-FOR-US: Eye-Fi
+CVE-2008-7138
+	NOT-FOR-US: Eye-Fi
+CVE-2008-7137
+	NOT-FOR-US: Eye-Fi
+CVE-2008-7136
+	NOT-FOR-US: ICQ Toolbar
+CVE-2008-7135
+	NOT-FOR-US: ICQ Toolbar
+CVE-2008-7134
+	NOT-FOR-US: Chris LaPointe RedGalaxy Download Center
+CVE-2008-7133
+	NOT-FOR-US: onlinetools.org EasyImageCatalogue
+CVE-2008-7132
+	NOT-FOR-US: Nuked-Klan
 CVE-2009-3036
 	RESERVED
 CVE-2009-3035
@@ -23,31 +69,31 @@
 CVE-2009-3024 (The verify_hostname_of_cert function in the certificate checking ...)
 	TODO: check
 CVE-2009-3023 (Buffer overflow in the FTP server in Microsoft IIS 5.0 and 6.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft IIS
 CVE-2009-3022 (Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and ...)
-	TODO: check
+	NOT-FOR-US: bingo!CMS
 CVE-2009-3021 (Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' ...)
-	TODO: check
+	NOT-FOR-US: Site Calendar 'mycaljp' plugin
 CVE-2009-3020 (win32k.sys in Microsoft Windows Server 2003 SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Server
 CVE-2009-3019 (Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2009-3018 (Maxthon Browser 3.0.0.145 Alpha with Ultramode does not properly block ...)
-	TODO: check
+	NOT-FOR-US: Maxthon Browser
 CVE-2009-3017 (Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh ...)
-	TODO: check
+	NOT-FOR-US: Orca Browser
 CVE-2009-3016 (Apple Safari 4.0.3 does not properly block javascript: and data: URIs ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript: and ...)
 	TODO: check
 CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
 	TODO: check
 CVE-2009-3013 (Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2009-3012 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre ...)
 	TODO: check
 CVE-2009-3011 (Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and ...)
-	TODO: check
+	NOT-FOR-US: Google Chrome
 CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
 	TODO: check
 CVE-2009-3009
@@ -61,7 +107,7 @@
 CVE-2009-3005 (Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address ...)
 	NOT-FOR-US: Lunascape
 CVE-2009-3004 (Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof ...)
-	TODO: check
+	NOT-FOR-US: Avant Browser
 CVE-2009-3003 (Microsoft Internet Explorer 6 through 8 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2009-3002 (The Linux kernel before 2.6.31-rc7 does not initialize certain data ...)




More information about the Secure-testing-commits mailing list