Secure testing commits - Jan 2009 - r11062 - data/CVE

Author: jamie-guest
Date: 2009-01-27 17:46:06 +0000 (Tue, 27 Jan 2009)
New Revision: 11062

Modified:
   data/CVE/list
Log:
NOT-FOR-US updates

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-01-27 15:47:15 UTC (rev 11061)
+++ data/CVE/list	2009-01-27 17:46:06 UTC (rev 11062)
@@ -1,3 +1,51 @@
+CVE-2009-0278
+	NOT-FOR-US: Sun Java System Application Server (AS)
+CVE-2009-0277
+	NOT-FOR-US: OpenSolaris
+CVE-2009-0275
+	NOT-FOR-US: Ryneezy phoSheezy
+CVE-2009-0271
+	NOT-FOR-US: Fujitsu SystemcastWizard Lite
+CVE-2009-0270
+	NOT-FOR-US: Fujitsu SystemcastWizard Lite
+CVE-2009-0268
+	NOT-FOR-US: Sun Solaris
+CVE-2009-0267
+	NOT-FOR-US: Sun Solaris
+CVE-2009-0266
+	NOT-FOR-US: Triologic Media Player
+CVE-2009-0264
+	NOT-FOR-US: Fujitsu SystemcastWizard Lite
+CVE-2008-5981
+	NOT-FOR-US: PacPoll
+CVE-2008-5980
+	NOT-FOR-US: Ocean12 Mailing List Manager Gold
+CVE-2008-5979
+	NOT-FOR-US: Ocean12 Mailing List Manager Gold
+CVE-2008-5978
+	NOT-FOR-US: Ocean12 Mailing List Manager Gold
+CVE-2008-5977
+	NOT-FOR-US: PHP JOBWEBSITE PRO
+CVE-2008-5976
+	NOT-FOR-US: PHP JOBWEBSITE PRO
+CVE-2008-5975
+	NOT-FOR-US: Active Price Comparison
+CVE-2008-5974
+	NOT-FOR-US: Active Price Comparison
+CVE-2008-5973
+	NOT-FOR-US: Active Web Mail
+CVE-2008-5972
+	NOT-FOR-US: Active Business Directory
+CVE-2008-5971
+	NOT-FOR-US: i-Net Solution Orkut Clone
+CVE-2008-5970
+	NOT-FOR-US: i-Net Solution Orkut Clone
+CVE-2008-5969
+	NOT-FOR-US: Sunbyte e-Flower
+CVE-2008-5966
+	NOT-FOR-US: Globsy
+CVE-2008-5965
+	NOT-FOR-US: LokiCMS
 CVE-2009-0263 (Multiple buffer overflows in Winamp 5.541 and earlier allow
remote ...)
 	NOT-FOR-US: Winamp
 CVE-2009-0262 (Stack-based buffer overflow in Triologic Media Player 7 and
8.0.0.0 ...)
@@ -1307,7 +1355,7 @@
 CVE-2009-0027
 	RESERVED
 CVE-2009-0026 (Multiple cross-site scripting (XSS) vulnerabilities in Apache
...)
-	TODO: check
+	NOT-FOR-US: Apache Jackrabbit
 CVE-2009-0025 (BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly
check ...)
 	{DSA-1703-1}
 	- bind9 <unfixed> (low; bug #511936)
@@ -2235,7 +2283,7 @@
 CVE-2008-5261
 	RESERVED
 CVE-2008-5260
-	RESERVED
+	NOT-FOR-US: ActiveX
 CVE-2008-5259
 	RESERVED
 CVE-2008-5258
@@ -5713,7 +5761,7 @@
 CVE-2008-3821 (Multiple cross-site scripting (XSS) vulnerabilities in the HTTP
server ...)
 	NOT-FOR-US: Cisco IOS
 CVE-2008-3820 (Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS
Event ...)
-	TODO: check
+	NOT-FOR-US: Cisco Security Manager
 CVE-2008-3819 (dnsserver in Cisco Application Control Engine Global Site
Selector ...)
 	NOT-FOR-US: Cisco Application Control Engine Global Site Selector (GSS)
 CVE-2008-3818 (Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600
with ...)
@@ -9218,9 +9266,9 @@
 CVE-2008-2369 (manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has
a ...)
 	NOT-FOR-US: Red Hat Network Satellite Server
 CVE-2008-2368 (Red Hat Certificate System 7.2 stores passwords in cleartext in
the ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Certificate System
 CVE-2008-2367 (Red Hat Certificate System 7.2 uses world-readable permissions
for ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Certificate System
 CVE-2008-2366 (Untrusted search path vulnerability in a certain Red Hat build
script ...)
 	- openoffice.org <not-affected> (RedHat-specific packaging flaw)
 CVE-2008-2365 (Race condition in the ptrace and utrace support in the Linux
kernel ...)