Author: kees Date: 2009-08-01 00:17:55 +0000 (Sat, 01 Aug 2009) New Revision: 12456 Modified: data/CVE/list Log: NFUs: 26 Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-31 23:20:21 UTC (rev 12455) +++ data/CVE/list 2009-08-01 00:17:55 UTC (rev 12456) @@ -5,30 +5,30 @@ CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...) TODO: check CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...) - TODO: check + NOT-FOR-US: Sorcerer Software MultiMedia Jukebox CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...) - TODO: check + NOT-FOR-US: FreeBSD CVE-2009-2648 (FlashDen Guestbook allows remote attackers to obtain configuration ...) - TODO: check + NOT-FOR-US: FlashDen Guestbook CVE-2009-2647 (Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky ...) - TODO: check + NOT-FOR-US: Kaspersky Anti-Virus CVE-2009-2646 (Multiple unspecified vulnerabilities in the PDF distiller in the ...) - TODO: check + NOT-FOR-US: Research In Motion (RIM) BlackBerry Enterprise Server (BES) CVE-2009-2645 REJECTED - TODO: check + NOT-FOR-US: ** REJECT ** CVE-2009-2644 (Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and ...) - TODO: check + NOT-FOR-US: Sun Solaris CVE-2008-6883 (SQL injection vulnerability in the Live Chat (com_livechat) component ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6882 (Live Chat (com_livechat) component 1.0 for Joomla! allows remote ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6881 (Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2008-6880 (SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes ...) - TODO: check + NOT-FOR-US: EasySiteNetwork Free Jokes Website CVE-2008-6879 (Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, ...) - TODO: check + NOT-FOR-US: Apache Roller CVE-2009-XXXX [python-django directory traversal in test webserver] - python-django 1.1-1 (low; bug #539134) [etch] - python-django <no-dsa> (Minor issue) @@ -374,11 +374,11 @@ CVE-2009-2496 RESERVED CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) - TODO: check + NOT-FOR-US: Microsoft Visual Studio .NET CVE-2009-2494 RESERVED CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) - TODO: check + NOT-FOR-US: Microsoft Visual Studio .NET CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...) - movabletype-opensource 4.2.6.1-1 (low; bug #537935) CVE-2009-XXXX [mediawiki: XSS via specialblock] @@ -631,7 +631,7 @@ CVE-2009-2411 RESERVED CVE-2009-2410 (The local_handler_callback function in ...) - TODO: check + NOT-FOR-US: sssd CVE-2009-2409 (The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 ...) TODO: check CVE-2009-2408 (Mozilla Firefox before 3.5 and NSS before 3.12.3 do not properly ...) @@ -1553,7 +1553,7 @@ CVE-2009-2050 RESERVED CVE-2009-2049 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2009-2048 (Cross-site scripting (XSS) vulnerability in the Administration ...) NOT-FOR-US: Cisco CVE-2009-2047 (Directory traversal vulnerability in the Administration interface in ...) @@ -1871,11 +1871,11 @@ CVE-2009-1920 RESERVED CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2009-1917 (Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2009-1916 (dig.php in GScripts.net DNS Tools allows remote attackers to execute ...) NOT-FOR-US: GScripts.net DNS Tools CVE-2009-1915 (Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ...) @@ -3277,7 +3277,7 @@ CVE-2009-1427 RESERVED CVE-2009-1426 (Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, ...) - TODO: check + NOT-FOR-US: HP ProLiant CVE-2009-1425 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...) NOT-FOR-US: HP ProCurve CVE-2009-1424 (Unspecified vulnerability in HP ProCurve Threat Management Services zl ...) @@ -4454,15 +4454,15 @@ - xulrunner 1.9.0.8-1 - kompozer 1:0.8~alpha2+dfsg+svn129-1 CVE-2009-1168 (Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2009-1167 (Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) ...) - TODO: check + NOT-FOR-US: Cisco Wireless LAN Controller CVE-2009-1166 (The administrative web interface on the Cisco Wireless LAN Controller ...) - TODO: check + NOT-FOR-US: Cisco Wireless LAN Controller CVE-2009-1165 (Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x ...) - TODO: check + NOT-FOR-US: Cisco Wireless LAN Controller CVE-2009-1164 (The administrative web interface on the Cisco Wireless LAN Controller ...) - TODO: check + NOT-FOR-US: Cisco Wireless LAN Controller CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...) NOT-FOR-US: Cisco CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...) @@ -5277,7 +5277,7 @@ CVE-2009-0902 RESERVED CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 ...) - TODO: check + NOT-FOR-US: Microsoft Visual Studio .NET CVE-2009-0900 RESERVED CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 ...)