Author: derevko-guest
Date: 2009-11-10 11:34:24 +0000 (Tue, 10 Nov 2009)
New Revision: 13265
Modified:
data/CVE/list
Log:
- CVE-2008-5676 fixed in libapache-mod-security 2.5.6-1
- NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-11-10 11:04:28 UTC (rev 13264)
+++ data/CVE/list 2009-11-10 11:34:24 UTC (rev 13265)
@@ -2,19 +2,19 @@
- grub2 <unfixed> (high; bug #555195)
NOTE: fixed in upstream verion 1.97.1
CVE-2009-3905 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier
CMS ...)
- TODO: check
+ NOT-FOR-US: e-Courier CMS
CVE-2009-3904 (classes/session/cc_admin_session.php in CubeCart 4.3.4 does not
...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2009-3903 (Multiple cross-site scripting (XSS) vulnerabilities in
jspui/index.jsp ...)
- TODO: check
+ NOT-FOR-US: ManageEngine Netflow Analyzer 7.5 build 7500
CVE-2009-3902 (Directory traversal vulnerability in Cherokee Web Server 0.5.4
and ...)
TODO: check
CVE-2009-3901 (Multiple cross-site scripting (XSS) vulnerabilities in e-Courier
CMS ...)
- TODO: check
+ NOT-FOR-US: e-Courier CMS
CVE-2009-3900 (Unspecified vulnerability in the Cluster Management component in
IBM ...)
- TODO: check
+ NOT-FOR-US: IBM PowerHA
CVE-2009-3899 (Memory leak in the Sockets Direct Protocol (SDP) driver in Sun
Solaris ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2009-3898
RESERVED
CVE-2009-3897
@@ -1529,7 +1529,7 @@
CVE-2009-3301
RESERVED
CVE-2009-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the
Identity ...)
- TODO: check
+ NOT-FOR-US: Shibboleth Identity
CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype
in ...)
{DSA-1924-1}
- mahara 1.1.7-1 (low)
@@ -3921,7 +3921,7 @@
CVE-2009-2686
RESERVED
CVE-2009-2685 (Stack-based buffer overflow in the login form in the management
web ...)
- TODO: check
+ NOT-FOR-US: HP Power Manager
CVE-2009-2684 (Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect
and ...)
NOT-FOR-US: Embedded Web Server in HP printers
CVE-2009-2683 (Unspecified vulnerability in the Sender module in HP Remote
Graphics ...)
@@ -12017,7 +12017,7 @@
CVE-2009-0307 (Cross-site scripting (XSS) vulnerability in the
"Customize Statistics ...)
NOT-FOR-US: Motion (RIM) BlackBerry Enterprise Server
CVE-2009-0306 (Buffer overflow in the IBM Lotus Notes Intellisync ActiveX
control in ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Intellisync ActiveX
CVE-2009-0305 (Multiple stack-based buffer overflows in the Research in Motion
RIM ...)
NOT-FOR-US: ActiveX
CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris
before ...)
@@ -13354,8 +13354,7 @@
CVE-2008-5677 (Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2,
and ...)
NOT-FOR-US: Kwalbum
CVE-2008-5676 (Multiple unspecified vulnerabilities in the ModSecurity (aka
...)
- - libapache-mod-security <unfixed>
- TODO: check
+ - libapache-mod-security 2.5.6-1
CVE-2008-5675 (Unspecified vulnerability in IBM WebSphere Portal 6.0 before
6.0.1.5 ...)
NOT-FOR-US: IBM WebSphere Portal
CVE-2008-5674 (Multiple array index errors in the HTTP server in Darkwet
Network ...)