Author: derevko-guest Date: 2009-06-16 06:27:14 +0000 (Tue, 16 Jun 2009) New Revision: 12134 Modified: data/CVE/list Log: - NFUs - New xulrunner and libpng issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-15 21:14:13 UTC (rev 12133) +++ data/CVE/list 2009-06-16 06:27:14 UTC (rev 12134) @@ -23,31 +23,33 @@ CVE-2009-2045 RESERVED CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...) - TODO: check + - xulrunner <unfixed> (low) + TODO: check when MFSA is issued CVE-2009-2043 (nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows ...) - TODO: check + TODO: check when MFSA is issued + - xulrunner <unfixed> (low) CVE-2009-2042 (libpng before 1.2.37 does not properly parse 1-bit interlaced images ...) - TODO: check + - libpng 1.2.37-1 (low) CVE-2009-2041 (Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab ...) - TODO: check + NOT-FOR-US: activeCollab CVE-2009-2040 (admin/options.php in Grestul 1.2 does not properly restrict access, ...) - TODO: check + NOT-FOR-US: Grestul CVE-2009-2039 (Unspecified vulnerability in the Luottokunta module before 1.3 for ...) - TODO: check + NOT-FOR-US: Luottokunta module for osCommerce CVE-2009-2038 (Unspecified vulnerability in the Finnish Bank Payment module 2.2 for ...) - TODO: check + NOT-FOR-US: Finnish Bank Payment module 2.2 for osCommerce CVE-2009-2037 (Multiple directory traversal vulnerabilities in Online Grades & ...) - TODO: check + NOT-FOR-US: Online Grades CVE-2009-2036 (SQL injection vulnerability in index.php in Open Biller 0.1 allows ...) - TODO: check + NOT-FOR-US: Open Biller CVE-2009-2035 (Unspecified vulnerability in Services 6.x before 6.x-0.14, a module ...) TODO: check CVE-2009-2034 (SQL injection vulnerability in writemessage.php in Yogurt 0.3, when ...) - TODO: check + NOT-FOR-US: Yogurt CVE-2009-2033 (Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 ...) - TODO: check + NOT-FOR-US: Yogurt CVE-2009-2032 (Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, ...) - TODO: check + NOT-FOR-US: PDshopPro CVE-2009-XXXX [git-daemon Parameter Parsing Infinite Loop Denial of Service] - git-core <unfixed> (medium; bug #532935) [etch] - git-core <not-affected> (Vulnerable code not present)