thr3ads.net - Secure testing commits - [Secure-testing-commits] r11983

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2009-May-28 06:57 UTC

[Secure-testing-commits] r11983 - data/CVE

Author: derevko-guest
Date: 2009-05-28 06:57:46 +0000 (Thu, 28 May 2009)
New Revision: 11983

Modified:
   data/CVE/list
Log:
NFUs
CVE-2009-1195 is disclosed in RHSA-2009-1075, apache2 is affected.


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-27 21:14:12 UTC (rev 11982)
+++ data/CVE/list	2009-05-28 06:57:46 UTC (rev 11983)
@@ -3,7 +3,7 @@
 CVE-2009-1797
 	RESERVED
 CVE-2009-1796 (Cross-site scripting (XSS) vulnerability in Sun Java System
Portal ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Portal Server
 CVE-2009-1795
 	RESERVED
 CVE-2009-1794
@@ -13,11 +13,11 @@
 CVE-2009-1792
 	RESERVED
 CVE-2009-1790 (Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees
before ...)
-	TODO: check
+	NOT-FOR-US: CGI Rescue Trees
 CVE-2009-1787 (Multiple SQL injection vulnerabilities in PHP Dir Submit (aka
...)
-	TODO: check
+	NOT-FOR-US: PHP Dir Submit
 CVE-2009-1786 (The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local
users ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX libc
 CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual
Desktop ...)
 	NOT-FOR-US: Ulteo Open Virtual Desktop
 CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG
anti-virus ...)
@@ -85,7 +85,7 @@
 	[lenny] - transmission <not-affected> (Vulnerable code not present, the
web interface was introduced in 1.30)
 	[etch] - transmission <not-affected> (Vulnerable code not present, the
web interface was introduced in 1.30)
 CVE-2009-1754 (The PackageManagerService class in ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2009-1752 (exJune Office Message System 1 does not properly restrict access
to ...)
 	NOT-FOR-US: exJune Office Message System
 CVE-2009-1751 (SQL injection vulnerability in list_list.php in Realty Webware
...)
@@ -353,11 +353,11 @@
 	[etch] - kdebase <not-affected> (vulnerability introduced in konqueror
4)
 	[lenny] - kdebase <not-affected> (vulnerability introduced in konqueror
4)
 CVE-2009-1636 (Multiple buffer overflows in the Internet Agent (aka GWIA)
component ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2009-1635 (Multiple cross-site scripting (XSS) vulnerabilities in the
WebAccess ...)
 	NOT-FOR-US: Novell GroupWise
 CVE-2009-1634 (The WebAccess component in Novell GroupWise 7.x before 7.03 HP3
and ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2009-1633 [CIFS Unicode issue]
 	RESERVED
 	- linux-2.6 <unfixed>
@@ -1971,8 +1971,9 @@
 	RESERVED
 CVE-2009-1196
 	RESERVED
-CVE-2009-1195
+CVE-2009-1195 [apache2: Apache HTTP Server AllowOverride Options Security
Bypass]
 	RESERVED
+	- apache2 <unfixed> (low; bug #530834)
 CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in
...)
 	{DSA-1798-1}
 	- pango1.0 1.24.0-2 (medium; bug #527474)

Secure testing commits - May 2009 - r11983 - data/CVE

[Secure-testing-commits] r11983 - data/CVE