Author: nion
Date: 2009-04-29 18:38:27 +0000 (Wed, 29 Apr 2009)
New Revision: 11743
Modified: data/CVE/list Log: - NFUs - cveified amule - chrome present as chromium itp Modified: data/CVE/list =================================================================== --- data/CVE/list 2009-04-29 09:14:19 UTC (rev 11742) +++ data/CVE/list 2009-04-29 18:38:27 UTC (rev 11743) 
@@ -1,33 +1,31 @@ CVE-2009-1449 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...) - TODO: check + NOT-FOR-US: CoolPlayer CVE-2009-1448 (Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net ...) - TODO: check + NOT-FOR-US: LovPop.net CVE-2009-1447 (Unrestricted file upload vulnerability in admin/editor/image.php in ...) - TODO: check + NOT-FOR-US: e-cart.biz Free Shopping Car CVE-2009-1446 (Unrestricted file upload vulnerability in upload.php in Elkagroup ...) - TODO: check + NOT-FOR-US: Elkagroup Image Gallery CVE-2009-1445 (Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta ...) - TODO: check + NOT-FOR-US: WebPortal CMS CVE-2009-1444 (PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS ...) - TODO: check + NOT-FOR-US: WebPortal CMS CVE-2009-1443 (Multiple unspecified vulnerabilities in the Server component in OCS ...) - TODO: check + NOT-FOR-US: OCS Inventory NG CVE-2009-1442 RESERVED CVE-2009-1441 RESERVED -CVE-2009-1440 (Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule ...) - TODO: check CVE-2009-1439 (Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel ...) TODO: check CVE-2009-1438 (Integer overflow in the CSoundFile::ReadMed function ...) TODO: check CVE-2009-1437 (Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka ...) - TODO: check + NOT-FOR-US: CoolPlayer CVE-2009-1436 (The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and ...) TODO: check CVE-2009-1435 (NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 ...) - TODO: check + NOT-FOR-US: Trend Micro OfficeScan CVE-2009-1434 RESERVED CVE-2008-6756 (ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for ...) 
@@ -39,7 +37,7 @@ CVE-2008-6753 (SQL injection vulnerability in SilverStripe before 2.2.2 allows remote ...) TODO: check CVE-2009-1433 (SQL injection vulnerability in File::find (filesystem/File.php) in ...) - TODO: check + NOT-FOR-US: SilverStripe CVE-2009-1432 RESERVED CVE-2009-1431 @@ -77,11 +75,11 @@ CVE-2009-1415 RESERVED CVE-2009-1414 (Google Chrome 2.0.x lets modifications to the global object persist ...) - TODO: check + - chromium <itp> (bug #520324) CVE-2009-1413 (Google Chrome 1.0.x does not cancel timeouts upon a page transition, ...) - TODO: check + - chromium <itp> (bug #520324) CVE-2009-1412 (Argument injection vulnerability in the chromehtml: protocol handler ...) - TODO: check + - chromium <itp> (bug #520324) CVE-2009-XXXX [iodine: DoS against iodined triggerable by authenticated users] - iodine <unfixed> (low) [lenny] - iodine <no-dsa> (Maintainer will fix it in next stable point update) @@ -262,9 +260,8 @@ CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...) {DSA-1779-1} - apt 0.7.21 (bug #433091) -CVE-2009-XXXX [amule improper path sanitization] +CVE-2009-1440 (Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule ...) - amule <unfixed> (low; bug #525078) - NOTE: CVE id requested CVE-2009-1348 RESERVED CVE-2009-1347 (Multiple SQL injection vulnerabilities in stats/index.php in chCounter ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
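Review bot: In the first hunk (@@ -1,33 +1,31 @@), the new tag on CVE-2009-1447 reads "NOT-FOR-US: e-cart.biz Free Shopping Car", which looks like the product name was cut one letter short (likely "Cart"). Since NOT-FOR-US strings are what later triage greps for, check the name against the full CVE description and spell it out in full. The same hunk uses "NOT-FOR-US: CoolPlayer" for both CVE-2009-1449 and CVE-2009-1437, which is consistent and fine.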
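Review bot: In the @@ -39,7 +37,7 @@ hunk, CVE-2009-1433 is resolved as "NOT-FOR-US: SilverStripe", but the context entry directly above it, CVE-2008-6753 (described as a SQL injection in SilverStripe before 2.2.2), is left at "TODO: check". If SilverStripe is not packaged, both entries should carry the same NOT-FOR-US tag in this commit; if CVE-2008-6753 was left open on purpose, a NOTE line saying why would keep the two entries from looking inconsistent.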