thr3ads.net - Secure testing commits - [Secure-testing-commits] r13359

If this information is useful, please help other people find it:
Share via:
Raphael Geissert
2009-Nov-24 04:36 UTC
[Secure-testing-commits] r13359 - data/CVE

Author: geissert
Date: 2009-11-24 04:36:29 +0000 (Tue, 24 Nov 2009)
New Revision: 13359

Modified:
   data/CVE/list
Log:
NFUs, viewvc issues, bugzilla issue


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-11-24 03:50:06 UTC (rev 13358)
+++ data/CVE/list	2009-11-24 04:36:29 UTC (rev 13359)
@@ -456,7 +456,7 @@
 CVE-2009-3843
 	RESERVED
 CVE-2009-3842 (Unspecified vulnerability on the HP Color LaserJet M3530
Multifunction ...)
-	TODO: check
+	NOT-FOR-US: HP Color LaserJet
 CVE-2009-3841 (Unspecified vulnerability in HP Discovery &amp; Dependency
Mapping ...)
 	NOT-FOR-US: HP Discovery & Dependency Mapping
 CVE-2009-3840 (The embedded database engine service (aka ovdbrun.exe) in HP
OpenView ...)
@@ -882,7 +882,7 @@
 CVE-2009-3677
 	RESERVED
 CVE-2009-3676 (The kernel in Microsoft Windows Server 2008 R2 and Windows 7
allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Server
 CVE-2009-3675
 	RESERVED
 CVE-2009-3674
@@ -1039,8 +1039,10 @@
 	- linux-2.6 <unfixed> (medium)
 	- linux-2.6.24 <removed> (medium)
 CVE-2009-3619 (Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1
before ...)
+	- viewvc <unfixed>
 	TODO: check
 CVE-2009-3618 (Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC
1.0 ...)
+	- viewvc <unfixed>
 	TODO: check
 CVE-2009-3617 (Format string vulnerability in the AbstractCommand::onAbort
function ...)
 	- aria2 1.6.2-1 (low)
@@ -1189,7 +1191,7 @@
 CVE-2009-XXXX [phpgroupware unspecified addressbook issue]
 	- phpgroupware 1:0.9.16.012+dfsg-9
 CVE-2009-3566 (McAfee IntruShield Network Security Manager (NSM) before
5.1.11.8.1 ...)
-	TODO: check
+	NOT-FOR-US: McAfee IntruShield Network Security Manager
 CVE-2009-3565 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	TODO: check
 CVE-2009-3564 (puppetmasterd in puppet 0.24.6 does not reset supplementary
groups ...)
@@ -1641,6 +1643,7 @@
 CVE-2009-3387
 	RESERVED
 CVE-2009-3386 (Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through
3.5.1 ...)
+	- bugzilla <unfixed>
 	TODO: check
 CVE-2009-3385
 	RESERVED
@@ -2402,23 +2405,23 @@
 CVE-2009-3136
 	RESERVED
 CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3
and 2003 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2;
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac,
and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2;
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2;
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3,
Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2;
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel
Viewer ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and
2008 for ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2009-3126 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1,
Windows ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2009-3162 (Cross-site scripting (XSS) vulnerability in Multi Website 1.5
allows ...)
@@ -4748,7 +4751,7 @@
 CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the
Local ...)
 	NOT-FOR-US: Microsoft Windows XP 
 CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows
2000 SP4 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows 2000
 CVE-2009-2522
 	RESERVED
 CVE-2009-2521 (Stack consumption vulnerability in the FTP Service in Microsoft
...)
@@ -4766,11 +4769,11 @@
 CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4,
XP SP2 ...)
 	NOT-FOR-US: Microsoft Windows 2000
 CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2
and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel
in ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold,
SP1, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows
2000 ...)
 	NOT-FOR-US: Microsoft Windows 2000
 CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows
XP SP2 ...)
@@ -9048,7 +9051,7 @@
 CVE-2009-1128 (Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3
allows ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2
and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2009-1126 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and
Server ...)
 	NOT-FOR-US: Microsoft
 CVE-2009-1125 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server
2003 ...)
Secure testing commits - Nov 2009 - r13359 - data/CVE

[Secure-testing-commits] r13359 - data/CVE
