Author: nion Date: 2009-04-23 19:34:11 +0000 (Thu, 23 Apr 2009) New Revision: 11700 Modified: data/CVE/list Log: NFUs, short note to CVE-2009-1266 Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-23 19:05:21 UTC (rev 11699) +++ data/CVE/list 2009-04-23 19:34:11 UTC (rev 11700) @@ -1,45 +1,45 @@ CVE-2009-1357 RESERVED CVE-2009-1356 (Stack-based buffer overflow in Elecard AVC HD Player allows remote ...) - TODO: check + NOT-FOR-US: Elecard AVC HD Player CVE-2009-1355 (Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2009-1354 (Directory traversal vulnerability in Mongoose 2.4 allows remote ...) - TODO: check + NOT-FOR-US: Mongoose CVE-2009-1353 (Buffer overflow in the http_parse_hex function in libz/misc.c in ...) - TODO: check + NOT-FOR-US: Zervit Webserver CVE-2009-1352 (Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote ...) - TODO: check + NOT-FOR-US: PowerCHM CVE-2009-1351 (Heap-based buffer overflow in Apollo 37zz allows remote attackers to ...) - TODO: check + NOT-FOR-US: Apollo 37zz CVE-2009-1350 (Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client ...) - TODO: check + NOT-FOR-US: Novell NetIdentity Client CVE-2009-1349 (Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 ...) - TODO: check + NOT-FOR-US: C2Net Stronghold CVE-2008-6742 (Foxy P2P software allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Foxy P2P CVE-2008-6741 (SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) ...) - TODO: check + NOT-FOR-US: Simple Machines Forum CVE-2008-6740 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: HoMaP-CMS CVE-2008-6739 (Todd Woolums ASP Download management script 1.03 does not require ...) - TODO: check + NOT-FOR-US: Todd Woolums ASP Download management script CVE-2008-6738 (MyShoutPro 1.2 allows remote attackers to bypass authentication and ...) - TODO: check + NOT-FOR-US: MyShoutPro CVE-2008-6737 (Crysis 1.21 and earlier allows remote attackers to obtain sensitive ...) - TODO: check + NOT-FOR-US: Crysis CVE-2008-6736 (Flat Calendar 1.1 does not properly restrict access to administrative ...) - TODO: check + NOT-FOR-US: Flat Calendar CVE-2008-6735 (Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 ...) - TODO: check + NOT-FOR-US: ThaiQuickCart CVE-2008-6734 (Directory traversal vulnerability in Public/index.php in Keller Web ...) - TODO: check + NOT-FOR-US: Keller Web Admin CMS CVE-2008-6733 (Cross-site scripting (XSS) vulnerability in the error handling page in ...) - TODO: check + NOT-FOR-US: DotNetNuke CVE-2008-6732 (Cross-site scripting (XSS) vulnerability in the Language skin object ...) - TODO: check + NOT-FOR-US: DotNetNuke CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 ...) - TODO: check + NOT-FOR-US: MyShoutPro CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...) - apt 0.7.21 (bug #433091) CVE-2009-XXXX [amule improper path sanitization] @@ -373,6 +373,7 @@ - wireshark 1.0.7-1 CVE-2009-1266 (Unspecified vulnerability in Wireshark before 1.0.7-0.1-1 has unknown ...) TODO: check + NOTE: is likely getting rejected CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...) - linux-2.6 <unfixed> CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and ...) @@ -2524,13 +2525,13 @@ CVE-2009-0719 RESERVED CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) - TODO: check + NOT-FOR-US: HP StorageWorks Storage Mirroring CVE-2009-0717 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) - TODO: check + NOT-FOR-US: HP StorageWorks Storage Mirroring CVE-2009-0716 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) - TODO: check + NOT-FOR-US: HP StorageWorks Storage Mirroring CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials ...) - TODO: check + NOT-FOR-US: HP Storage Essentials CVE-2009-0714 RESERVED CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)