Author: jamie-guest
Date: 2009-09-01 23:08:31 +0000 (Tue, 01 Sep 2009)
New Revision: 12730
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-09-01 21:14:17 UTC (rev 12729)
+++ data/CVE/list 2009-09-01 23:08:31 UTC (rev 12730)
@@ -1,3 +1,49 @@
+CVE-2009-3038
+ NOT-FOR-US: ActiveX
+CVE-2009-3037
+ NOT-FOR-US: Autonomy KeyView XLS viewer
+CVE-2008-7152
+ NOT-FOR-US: Specimen Image Database
+CVE-2008-7151
+ NOT-FOR-US: Live third-party Drupal module
+CVE-2008-7150
+ NOT-FOR-US: Refine by Taxonomy
+CVE-2008-7149
+ NOT-FOR-US: AgileWiki
+CVE-2008-7148
+ NOT-FOR-US: Synfig Animation Studio
+CVE-2008-7147
+ NOT-FOR-US: IntraLearn Software IntraLearn
+CVE-2008-7146
+ NOT-FOR-US: IntraLearn Software IntraLearn
+CVE-2008-7145
+ NOT-FOR-US: CoronaMatrix phpAddressBook
+CVE-2008-7144
+ NOT-FOR-US: RARLAB WinRAR
+CVE-2008-7143
+ NOT-FOR-US: phpBB 2
+CVE-2008-7142
+ NOT-FOR-US: cPanel
+CVE-2008-7141
+ NOT-FOR-US: @lex Poll
+CVE-2008-7140
+ NOT-FOR-US: @lex Guestbook
+CVE-2008-7139
+ NOT-FOR-US: Eye-Fi
+CVE-2008-7138
+ NOT-FOR-US: Eye-Fi
+CVE-2008-7137
+ NOT-FOR-US: Eye-Fi
+CVE-2008-7136
+ NOT-FOR-US: ICQ Toolbar
+CVE-2008-7135
+ NOT-FOR-US: ICQ Toolbar
+CVE-2008-7134
+ NOT-FOR-US: Chris LaPointe RedGalaxy Download Center
+CVE-2008-7133
+ NOT-FOR-US: onlinetools.org EasyImageCatalogue
+CVE-2008-7132
+ NOT-FOR-US: Nuked-Klan
CVE-2009-3036
RESERVED
CVE-2009-3035
@@ -23,31 +69,31 @@
CVE-2009-3024 (The verify_hostname_of_cert function in the certificate checking
...)
TODO: check
CVE-2009-3023 (Buffer overflow in the FTP server in Microsoft IIS 5.0 and 6.0
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft IIS
CVE-2009-3022 (Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2
and ...)
- TODO: check
+ NOT-FOR-US: bingo!CMS
CVE-2009-3021 (Cross-site scripting (XSS) vulnerability in Site Calendar
''mycaljp'' ...)
- TODO: check
+ NOT-FOR-US: Site Calendar ''mycaljp'' plugin
CVE-2009-3020 (win32k.sys in Microsoft Windows Server 2003 SP2 allows remote
...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Server
CVE-2009-3019 (Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and
Internet ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-3018 (Maxthon Browser 3.0.0.145 Alpha with Ultramode does not properly
block ...)
- TODO: check
+ NOT-FOR-US: Maxthon Browser
CVE-2009-3017 (Orca Browser 1.2 build 5 does not properly block data: URIs in
Refresh ...)
- TODO: check
+ NOT-FOR-US: Orca Browser
CVE-2009-3016 (Apple Safari 4.0.3 does not properly block javascript: and data:
URIs ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript:
and ...)
TODO: check
CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1
pre; ...)
TODO: check
CVE-2009-3013 (Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not
properly ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2009-3012 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1
pre ...)
TODO: check
CVE-2009-3011 (Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37,
and ...)
- TODO: check
+ NOT-FOR-US: Google Chrome
CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1
pre; ...)
TODO: check
CVE-2009-3009
@@ -61,7 +107,7 @@
CVE-2009-3005 (Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the
address ...)
NOT-FOR-US: Lunascape
CVE-2009-3004 (Avant Browser 11.7 Builds 35 and 36 allows remote attackers to
spoof ...)
- TODO: check
+ NOT-FOR-US: Avant Browser
CVE-2009-3003 (Microsoft Internet Explorer 6 through 8 allows remote attackers
to ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-3002 (The Linux kernel before 2.6.31-rc7 does not initialize certain
data ...)