Author: derevko-guest Date: 2009-08-21 07:50:25 +0000 (Fri, 21 Aug 2009) New Revision: 12651 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-08-20 21:14:17 UTC (rev 12650) +++ data/CVE/list 2009-08-21 07:50:25 UTC (rev 12651) @@ -39,13 +39,13 @@ CVE-2009-2861 RESERVED CVE-2009-2860 (Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows ...) - TODO: check + NOT-FOR-US: db2jds in IBM DB2 CVE-2009-2859 (IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2009-2858 (Memory leak in the Security component in IBM DB2 8.1 before FP18 on ...) - TODO: check + NOT-FOR-US: IBM DB2 CVE-2009-2857 (The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before ...) - TODO: check + NOT-FOR-US: kernel in Sun Solaris CVE-2009-2856 (Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding ...) NOT-FOR-US: Sun Virtual Desktop Infrastructure CVE-2009-2855 (The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 ...) @@ -62,7 +62,7 @@ NOT-FOR-US: NASA Common Data Format CVE-2009-2845 REJECTED - TODO: check + NOT-FOR-US: duplicate of CVE-2009-2768 CVE-2008-7015 (Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel ...) NOT-FOR-US: Unreal Tournament CVE-2008-7014 (fhttpd 0.4.2 allows remote attackers to cause a denial of service ...) @@ -235,15 +235,15 @@ CVE-2009-2779 (SQL injection vulnerability in index.php in AJ Matrix DNA allows ...) NOT-FOR-US: AJ Matrix DNA CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat CMS ...) - TODO: check + NOT-FOR-US: The Rat CMS CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir ...) TODO: check CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in Creative ...) - TODO: check + NOT-FOR-US: Creative Mind Creator CMS CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 ...) TODO: check CVE-2008-6999 (phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote ...) - TODO: check + NOT-FOR-US: phpAuction CVE-2008-6998 (Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in ...) TODO: check CVE-2008-6997 (Google Chrome 0.2.149.27 allows user-assisted remote attackers to ...) @@ -259,35 +259,35 @@ CVE-2008-6992 (GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, ...) NOT-FOR-US: GreenSQL Firewall CVE-2008-6991 (SQL injection vulnerability in public/page.php in Websens CMSbright ...) - TODO: check + NOT-FOR-US: CMSbright CVE-2008-6990 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...) - TODO: check + NOT-FOR-US: Easy Photo Gallery CVE-2008-6989 (SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka ...) - TODO: check + NOT-FOR-US: Easy Photo Gallery CVE-2008-6988 (Multiple cross-site scripting (XSS) vulnerabilities in Easy Photo ...) - TODO: check + NOT-FOR-US: Easy Photo Gallery CVE-2008-6987 (Unrestricted file upload vulnerability in eZoneScripts Dating Website ...) - TODO: check + NOT-FOR-US: eZoneScripts Dating Website script CVE-2008-6986 (SQL injection vulnerability in the actionMultipleAddProduct function ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2008-6985 (Multiple SQL injection vulnerabilities in ...) - TODO: check + NOT-FOR-US: Zen Cart CVE-2008-6984 (Plesk 8.6.0, when short mail login names (SHORTNAMES) are enabled, ...) - TODO: check + NOT-FOR-US: Plesk CVE-2008-6983 (modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers ...) - TODO: check + NOT-FOR-US: devalcms CVE-2008-6982 (Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a ...) - TODO: check + NOT-FOR-US: devalcms CVE-2008-6981 (index.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers ...) - TODO: check + NOT-FOR-US: phpAdultSite CMS CVE-2008-6980 (SQL injection vulnerability in as_archives.php in phpAdultSite CMS, ...) - TODO: check + NOT-FOR-US: phpAdultSite CMS CVE-2008-6979 (Cross-site scripting (XSS) vulnerability in as_archives.php in ...) - TODO: check + NOT-FOR-US: phpAdultSite CMS CVE-2008-6978 (Unrestricted file upload vulnerability in Full Revolution aspWebAlbum ...) - TODO: check + NOT-FOR-US: aspWebAlbum CVE-2008-6977 (Cross-site scripting (XSS) vulnerability in album.asp in Full ...) - TODO: check + NOT-FOR-US: aspWebAlbum CVE-2008-6976 (MicroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows ...) NOT-FOR-US: MicroTik RouterOS CVE-2009-2778 (Cross-site scripting (XSS) vulnerability in visitor/view.php in ...) @@ -413,7 +413,7 @@ CVE-2009-2741 RESERVED CVE-2009-2740 (kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention ...) - TODO: check + NOT-FOR-US: CA Host-Based Intrusion Prevention System (HIPS) CVE-2009-2739 (Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 ...) NOT-FOR-US: FreeNAS CVE-2009-2738 (Cross-site request forgery (CSRF) vulnerability in the WebGUI in ...) @@ -948,7 +948,7 @@ CVE-2009-2628 RESERVED CVE-2009-2627 (The Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in ...) - TODO: check + NOT-FOR-US: Acer LunchApp CVE-2009-2626 RESERVED CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in ...) @@ -2464,7 +2464,7 @@ CVE-2009-2056 RESERVED CVE-2009-2055 (Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Cisco IOS CVE-2009-2054 RESERVED CVE-2009-2053 @@ -7126,7 +7126,7 @@ CVE-2009-0683 RESERVED CVE-2009-0682 (vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before ...) - TODO: check + NOT-FOR-US: CA Internet Security Suite CVE-2009-0681 (PGP Desktop before 9.10 allows local users to (1) cause a denial of ...) NOT-FOR-US: PGP Desktop CVE-2009-0680 (cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows ...)