Author: nion
Date: 2009-01-28 22:27:48 +0000 (Wed, 28 Jan 2009)
New Revision: 11089
Modified:
data/CVE/list
Log:
new gnumeric issue (CVE-2009-0318)
new nautilus-python issue (CVE-2009-0317)
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-01-28 21:57:47 UTC (rev 11088)
+++ data/CVE/list 2009-01-28 22:27:48 UTC (rev 11089)
@@ -1,7 +1,7 @@
CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python
interpreter ...)
- TODO: check
+ - gnumeric <unfixed> (low; bug #513418)
CVE-2009-0317 (Untrusted search path vulnerability in the Python language
bindings ...)
- TODO: check
+ - nautilus-python <unfixed> (low; bug #513419)
CVE-2009-0316 (Untrusted search path vulnerability in the Python module in vim
allows ...)
TODO: check
CVE-2009-0315 (Untrusted search path vulnerability in the Python module in
xchat ...)
@@ -11,7 +11,7 @@
CVE-2009-0313 (winetricks before 20081223 allows local users to overwrite
arbitrary ...)
TODO: check
CVE-2009-0311 (The Backbone service (ftbackbone.exe) in EMC AutoStart before
5.3 SP2 ...)
- TODO: check
+ NOT-FOR-US: EMC AutoStart
CVE-2009-0310
RESERVED
CVE-2009-0309
@@ -25,33 +25,33 @@
CVE-2009-0305
RESERVED
CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2009-0303 (Cross-site scripting (XSS) vulnerability in Web Help Desk
before ...)
- TODO: check
+ NOT-FOR-US: Web Help Desk
CVE-2009-0302 (SQL injection vulnerability in the Downloads 8.0 module for
PHP-Nuke, ...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2009-0301 (Multiple insecure method vulnerabilities in the FlexCell.Grid
ActiveX ...)
- TODO: check
+ NOT-FOR-US: FlexCell Grid Control
CVE-2009-0300
REJECTED
CVE-2009-0299 (SQL injection vulnerability in index.php in Groone GLinks 2.1
allows ...)
- TODO: check
+ NOT-FOR-US: Groone GLinks
CVE-2009-0298 (Heap-based buffer overflow in MW6 Technologies Barcode ActiveX
control ...)
- TODO: check
+ NOT-FOR-US: MW6 Technologies Barcode
CVE-2009-0297 (SQL injection vulnerability in login_check.asp in ClickAuction
allows ...)
- TODO: check
+ NOT-FOR-US: ClickAuction
CVE-2009-0296 (SQL injection vulnerability in shop_display_products.php in
Script ...)
- TODO: check
+ NOT-FOR-US: Script Toko Online
CVE-2009-0295 (SQL injection vulnerability in index.php in Information
Technology ...)
- TODO: check
+ NOT-FOR-US: ITLPoll
CVE-2009-0294 (Multiple PHP remote file inclusion vulnerabilities in WB News
2.0.1, ...)
- TODO: check
+ NOT-FOR-US: WB News
CVE-2009-0293 (SQL injection vulnerability in profile_view.php in Wazzum
Dating ...)
- TODO: check
+ NOT-FOR-US: Wazzum Dating Software
CVE-2009-0292 (SQL injection vulnerability in show_cat2.php in SHOP-INET 4
allows ...)
- TODO: check
+ NOT-FOR-US: SHOP-INET
CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3
allows ...)
- TODO: check
+ NOT-FOR-US: OpenX
CVE-2009-0290 (Directory traversal vulnerability in common.php in SIR GNUBoard
...)
TODO: check
CVE-2009-0289 (k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote
attackers to ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
