[Secure-testing-commits] r4281 - data/CVE

Alec Berryman alec-guest at costa.debian.org
Thu Jun 22 20:59:55 UTC 2006 

Author: alec-guest
Date: 2006-06-22 20:59:53 +0000 (Thu, 22 Jun 2006)
New Revision: 4281

Modified:
   data/CVE/list
Log:
NOT-FOR-US


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-06-22 20:57:33 UTC (rev 4280)
+++ data/CVE/list	2006-06-22 20:59:53 UTC (rev 4281)
@@ -147,7 +147,7 @@
 CVE-2006-3011
 	RESERVED
 CVE-2003-1303 (Buffer overflow in the imap_fetch_overview function in the IMAP ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explore
 CVE-2003-1302 (The IMAP functionality in PHP before 4.3.1 allows remote attackers to ...)
 	TODO: check
 CVE-2002-2215 (The imap_header function in the IMAP functionality for PHP before ...)
@@ -580,23 +580,23 @@
 CVE-2006-2806 (The SMTP server in Apache Java Mail Enterprise Server (aka Apache ...)
 	NOT-FOR-US: Apache James
 CVE-2005-2468 (Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and ...)
-	TODO: check
+	NOT-FOR-US: MySQL Eventum
 CVE-2005-2467 (Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum ...)
-	TODO: check
+	NOT-FOR-US: MySQL Eventum
 CVE-2005-2466 (Multiple SQL injection vulnerabilities in the auth_user function in ...)
-	TODO: check
+	NOT-FOR-US: OpenBook 
 CVE-2005-2465 (Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS ...)
-	TODO: check
+	NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
 CVE-2005-2464 (login.php in PCXP/TOPPE CMS allows remote attackers to bypass ...)
-	TODO: check
+	NOT-FOR-US: PC-EXPERIENCE/TOPPE CMS
 CVE-2005-2463 (Kayako liveResponse 2.x allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Kayako liveResponse
 CVE-2005-2462 (Kayako liveResponse 2.x, when logging in a user, records the password ...)
-	TODO: check
+	NOT-FOR-US: Kayako liveResponse
 CVE-2005-2461 (Multiple SQL injection vulnerabilities in the calendar feature in ...)
-	TODO: check
+	NOT-FOR-US: Kayako liveResponse
 CVE-2005-2460 (Multiple cross-site scripting (XSS) vulnerabilities in Kayako ...)
-	TODO: check
+	NOT-FOR-US: Kayako liveResponse
 CVE-2006-2842 (** DISPUTED ** ...)
 	- squirrelmail <unfixed> (unimportant)
 	NOTE: Only exploitable with register_globals enabled
@@ -4242,7 +4242,7 @@
 CVE-2006-1314
 	RESERVED
 CVE-2006-1313 (Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on ...)
-	TODO: check
+	NOT-FOR-US: Microsoft JScript
 CVE-2006-1312
 	RESERVED
 CVE-2006-1311
@@ -4532,7 +4532,7 @@
 CVE-2006-1194 (Integer signedness error in the enet_protocol_handle_incoming_commands ...)
 	NOT-FOR-US: Enet lib (Cube, Sauerbraten)
 CVE-2006-1193 (Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Exchange Server
 CVE-2006-1192 (Microsoft Internet Explorer 5.01 through 6 allows remote attackers to ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-1191 (Microsoft Internet Explorer 5.01 through 6 does not always correctly ...)
@@ -4569,7 +4569,7 @@
 CVE-2006-1176
 	RESERVED
 CVE-2006-1175 (The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for ...)
-	TODO: check
+	NOT-FOR-US: WeOnlyDo! SFTP
 CVE-2006-1174 (useradd in shadow-utils before 4.0.3, and possibly other versions ...)
 	- shadow 1:4.0.15-10 (low)
 CVE-2006-1173 (Sendmail before 8.13.7 allows remote attackers to cause a denial of ...)
@@ -8928,14 +8928,14 @@
 CVE-2006-0026
 	RESERVED
 CVE-2006-0025 (Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows Media Player
 CVE-2006-0024 (Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 ...)
 	- flashplugin-nonfree 7.0.61-4 (bug #357038; bug #357105)
 	[sarge] - flashplugin-nonfree <no-dsa> (Only affects proprietary Flash plugin)
 CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0022 (Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft PowerPoint
 CVE-2006-0021 (Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-0020 (An unspecified Microsoft WMF parsing application, as used in Internet ...)
@@ -9914,7 +9914,7 @@
 CVE-2005-3620
 	RESERVED
 CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface ...)
-	TODO: check
+	NOT-FOR-US: VMware ESX
 CVE-2005-3618
 	RESERVED
 CVE-2005-3617
@@ -16086,7 +16086,7 @@
 CVE-2005-1977
 	RESERVED
 CVE-2005-1976 (Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets ...)
-	TODO: check
+	NOT-FOR-US: Novell NetMail
 CVE-2002-1782 (The default configuration of University of Washington IMAP daemon ...)
 	- uw-imap <unfixed> (bug #315499; low)
 CVE-2002-1781 (Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote ...)

More information about the Secure-testing-commits mailing list