[Secure-testing-commits] r2913 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Dec 1 10:25:28 UTC 2005
Author: jmm-guest
Date: 2005-12-01 10:25:23 +0000 (Thu, 01 Dec 2005)
New Revision: 2913
Modified:
data/CVE/list
Log:
otrs CVEfied
inkscape/tmpfile CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-01 10:11:15 UTC (rev 2912)
+++ data/CVE/list 2005-12-01 10:25:23 UTC (rev 2913)
@@ -135,61 +135,60 @@
- webmin <unfixed> (bug #341394; medium)
CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 ...)
NOT-FOR-US: BosDates
-begin claimed by jmm
CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with ...)
- TODO: check
+ NOT-FOR-US: Post Affiliate Pro
CVE-2005-3909 (SQL injection vulnerability in merchants/index.php in Post Affiliate ...)
- TODO: check
+ NOT-FOR-US: Post Affiliate Pro
CVE-2005-3908 (Cross-site scripting (XSS) vulnerability in search.php in ...)
- TODO: check
+ NOT-FOR-US: GhostScripter Amazon Shop
CVE-2005-3907 (Unspecified vulnerability in Java Runtime Environment in Java JDK and ...)
- TODO: check
+ NOT-FOR-US: Sun Java
CVE-2005-3906 (Multiple unspecified vulnerabilities in reflection APIs in Java SDK ...)
- TODO: check
+ NOT-FOR-US: Sun Java
+ TODO: They're speaking of API issues, check whether free JREs are affected
CVE-2005-3905 (Unspecified vulnerability in reflection APIs in Java SDK and JRE ...)
- TODO: check
+ NOT-FOR-US: Sun Java
+ TODO: They're speaking of API issues, check whether free JREs are affected
CVE-2005-3904 (Unspecified vulnerability in Java Management Extensions (JMX) in Java ...)
- TODO: check
+ NOT-FOR-US: Sun Java
CVE-2005-3903
RESERVED
CVE-2005-3902 (Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in ...)
- TODO: check
+ NOT-FOR-US: Virtual Hosting Control System
CVE-2005-3901 (Macromedia Flash Communication Server MX 1.0 and 1.5 does not ...)
- TODO: check
+ NOT-FOR-US: Flash MX
CVE-2005-3900 (Macromedia Breeze Communication Server and Breeze Live Server does 5.1 ...)
- TODO: check
+ NOT-FOR-US: Macromedia Breeze
CVE-2005-3899 (The automatic update feature in Google Talk allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Google Talk
CVE-2005-3898
REJECTED
- TODO: check
CVE-2005-3897 (Apple Safari 2.0.2 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Safari
CVE-2005-3896 (Mozilla allows remote attackers to cause a denial of service (CPU ...)
- TODO: check
+ TODO: File a bug against mozilla
CVE-2005-3895 (Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 ...)
- TODO: check
+ - otrs 2.0.4p01-1 (bug #340352; medium)
CVE-2005-3894 (Multiple cross-site scripting (XSS) vulnerabilities in index.pl in ...)
- TODO: check
+ - otrs 2.0.4p01-1 (bug #340352; medium)
CVE-2005-3893 (Multiple SQL injection vulnerabilities in index.pl in Open Ticket ...)
- TODO: check
+ - otrs 2.0.4p01-1 (bug #340352; medium)
CVE-2005-3892 (Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3891 (Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3890 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3889 (Gadu-Gadu 7.20 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3888 (Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3887 (Gadu-Gadu 7.20 does not properly handle MS-DOS device names in ...)
- TODO: check
+ NOT-FOR-US: Gadu-Gadu
CVE-2005-3886 (Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and ...)
- TODO: check
+ NOT-FOR-US: Cisco Security Agent
CVE-2005-3885 (The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before ...)
- TODO: check
-end claimed by jmm
+ - inkscape 0.42-1 (bug #321501; low)
CVE-2005-XXXX [drupal: Unspecified XSS]
- drupal 4.5.6-1 (unknown)
CVE-2005-XXXX [drupal: Protect against IE interpretation flaw]
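Review bot: The entries for CVE-2005-3906 and CVE-2005-3905 are tagged `NOT-FOR-US: Sun Java` and at the same time carry `TODO: They're speaking of API issues, check whether free JREs are affected`, which contradicts itself: as long as a free JRE in the archive might be affected, the issue is not known to be not-for-us. Suggest dropping the `NOT-FOR-US` line on these two entries and keeping only the TODO until the check is done, so they stay visible as open work and are not read as already triaged.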
@@ -629,8 +628,6 @@
CVE-2004-2569 (ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users ...)
{DSA-907-1}
- ipmenu 0.0.3-5
-CVE-2005-XXXX [Multiple security issues in OTRS]
- - otrs 2.0.4p01-1 (bug #340352; medium)
CVE-2005-XXXX [Unspecified new Real/Helix createProcess() issue, no details yet]
- helix-player <unfixed> (unknown)
NOTE: http://service.real.com/help/faq/security/security111605.html
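Review bot: The placeholder removed here, `CVE-2005-XXXX [Multiple security issues in OTRS]`, is mapped onto three separate ids in the first hunk (CVE-2005-3893, CVE-2005-3894, CVE-2005-3895), each with an identical `- otrs 2.0.4p01-1 (bug #340352; medium)` line, and nothing in the visible lines records that the single bug and fixed version cover all three issues. A short NOTE on the new entries, or a sentence in the log message, stating that bug #340352 addresses each of the three would make the mapping verifiable later.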
@@ -4659,8 +4656,6 @@
NOT-FOR-US: Trend Micro InterScan VirusWall
CVE-2005-XXXX [wine: Unsafe use of temporary files in winelauncher]
- wine 0.0.20050830-1 (bug #321470; low)
-CVE-2005-XXXX [inkscape: Unsafe temporary file handling in ps2epsi extension]
- - inkscape 0.42 (bug #321501; low)
CVE-2005-XXXX [DoS to users to prevent usage of showpartial through _hard_ links]
- metamail 2.7-48 (bug #321473; low)
CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other security issues]
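Review bot: The inkscape fixed version changes during the move and the log does not mention it. The placeholder removed here reads `- inkscape 0.42 (bug #321501; low)`, while the CVE-2005-3885 entry added in the first hunk reads `- inkscape 0.42-1 (bug #321501; low)`. If 0.42-1 is the corrected fixed version, say so in the log message next to "inkscape/tmpfile CVEfied"; otherwise carry the version over unchanged.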