thr3ads.net - Secure testing commits - [Secure-testing-commits] r12905

If this information is useful, please help other people find it:
Share via:
Nico Golde
2009-Sep-30 16:41 UTC
[Secure-testing-commits] r12905 - data/CVE

Author: nion
Date: 2009-09-30 16:41:49 +0000 (Wed, 30 Sep 2009)
New Revision: 12905

Modified:
   data/CVE/list
Log:
- NFUs
- new kernel issue (CVE-2009-3280)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-09-30 07:18:37 UTC (rev 12904)
+++ data/CVE/list	2009-09-30 16:41:49 UTC (rev 12905)
@@ -2,35 +2,35 @@
 	- xen-tools <unfixed> (low; bug #548909)
 	TODO: request CVE id
 CVE-2009-3446 (SQL injection vulnerability in the MyRemote Video Gallery
(com_mytube) ...)
-	TODO: check
+	NOT-FOR-US: com_mytube component for Joomla!
 CVE-2009-3445 (Unspecified vulnerability in Code-Crafters Ability Mail Server
before ...)
-	TODO: check
+	NOT-FOR-US: Ability Mail Server
 CVE-2009-3444 (Cross-site scripting (XSS) vulnerability in email.php in e107
0.7.16 ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2009-3443 (SQL injection vulnerability in the Fastball (com_fastball)
component ...)
-	TODO: check
+	NOT-FOR-US: com_fastball component for Joomla!
 CVE-2009-3442 (The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal
does ...)
-	TODO: check
+	NOT-FOR-US: Nodewords module for Drupal
 CVE-2009-3441 (Open Source Security Information Management (OSSIM) before 2.1.2
...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3440 (Cross-site scripting (XSS) vulnerability in Open Source Security
...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3439 (Multiple SQL injection vulnerabilities in Open Source Security
...)
-	TODO: check
+	NOT-FOR-US: Open Source Security Information Management
 CVE-2009-3438 (SQL injection vulnerability in the JoomlaFacebook (com_facebook)
...)
-	TODO: check
+	NOT-FOR-US: com_facebook component for Joomla!
 CVE-2009-3437 (Cross-site scripting (XSS) vulnerability in the live preview
feature ...)
-	TODO: check
+	NOT-FOR-US: Markdown Preview module for Drupal
 CVE-2009-3436 (Multiple SQL injection vulnerabilities in forum.asp in
MaxWebPortal ...)
-	TODO: check
+	NOT-FOR-US: MaxWebPortal
 CVE-2009-3435 (Cross-site scripting (XSS) vulnerability in the variable editor
in the ...)
-	TODO: check
+	NOT-FOR-US: Devel module for Drupal
 CVE-2009-3434 (SQL injection vulnerability in the Tupinambis (com_tupinambis)
...)
-	TODO: check
+	NOT-FOR-US: com_tupinambis for Mambo and Joomla!
 CVE-2009-3433 (Unspecified vulnerability in clsetup in the configuration
utility in ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris Cluster
 CVE-2009-3432 (Unspecified vulnerability in xscreensaver in Sun Solaris 10, and
...)
-	TODO: check
+	NOT-FOR-US: Sun OpenSolaris xscreensaver
 CVE-2009-3431 (Stack consumption vulnerability in Adobe Acrobat 9.1.1 allows
remote ...)
 	NOT-FOR-US: Adobe Acrobat
 CVE-2009-3430 (SQL injection vulnerability in login.php in Allomani Mobile 2.5
allows ...)
@@ -345,7 +345,8 @@
 CVE-2009-3281
 	RESERVED
 CVE-2009-3280 (Integer signedness error in the find_ie function in ...)
-	TODO: check
+	- linux-2.6 <unfixed> (medium)
+	- linux-2.6.24 <removed>
 CVE-2009-3279 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613,
3.1.0 ...)
 	NOT-FOR-US: QNAP TS-239 Pro and TS-639
 CVE-2009-3278 (The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613,
3.1.0 ...)
Secure testing commits - Sep 2009 - r12905 - data/CVE

[Secure-testing-commits] r12905 - data/CVE
