[Secure-testing-commits] r4761 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sun Sep 24 20:41:34 UTC 2006
Author: stef-guest
Date: 2006-09-24 20:41:32 +0000 (Sun, 24 Sep 2006)
New Revision: 4761
Modified:
data/CVE/list
Log:
some more NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-09-24 20:32:21 UTC (rev 4760)
+++ data/CVE/list 2006-09-24 20:41:32 UTC (rev 4761)
@@ -266,7 +266,7 @@
CVE-2006-4793 (Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 ...)
NOT-FOR-US: TualBLOG
CVE-2004-2665 (Unspecified vulnerability in the Address and Routing Parameter Area ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2006-XXXX [linux-ftpd allows chdir to disallowed directories]
- linux-ftpd 0.17-22 (low; bug #384454)
CVE-2006-XXXX [linux-ftpd does not check return code of setuid]
@@ -3198,11 +3198,11 @@
CVE-2006-3510 (The Remote Data Service Object (RDS.DataControl) in Microsoft Internet ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-3509 (Integer overflow in the API for the AirPort wireless driver on Apple ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-3508 (Heap-based buffer overflow in the AirPort wireless driver on Apple Mac ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-3507 (Multiple stack-based buffer overflows in the AirPort wireless driver ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2006-3506 (Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and ...)
NOT-FOR-US: Mac OS X
CVE-2006-3505 (WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to ...)
@@ -3320,7 +3320,7 @@
CVE-2006-3455
RESERVED
CVE-2006-3454 (Multiple format string vulnerabilities in Symantec AntiVirus Corporate ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2006-3453 (Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers ...)
NOT-FOR-US: Adobe acrobat
CVE-2006-3452 (Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure ...)
@@ -3344,7 +3344,7 @@
CVE-2006-3443 (Untrusted search path vulnerability in Winlogon in Microsoft Windows ...)
NOT-FOR-US: Microsoft
CVE-2006-3442 (Unspecified vulnerability in Pragmatic General Multicast (PGM) in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-3441 (Buffer overflow in the DNS Client service in Microsoft Windows 2000 ...)
NOT-FOR-US: Microsoft
CVE-2006-3440 (Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP ...)
@@ -5108,6 +5108,7 @@
NOTE: application error
- php5 5.1.6-1 (low)
CVE-2006-2658 (Directory traversal vulnerability in the xsp component in mod_mono in ...)
+ NOTE: maybe this is the same as apache mod_mono?
TODO: check
CVE-2006-2657
REJECTED
@@ -5520,7 +5521,7 @@
CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in ...)
NOT-FOR-US: Squirrelcart
CVE-2006-2482 (Heap-based buffer overflow in ZipTV for Delphi 7 2006.1.26 and for C++ ...)
- TODO: check
+ NOT-FOR-US: ZipTV
CVE-2006-2481 (VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 ...)
NOT-FOR-US: VMware ESX
CVE-2006-2480 (Format string vulnerability in Dia 0.94 allows user-assisted ...)
@@ -13133,7 +13134,7 @@
CVE-2006-0033 (Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office ...)
NOT-FOR-US: Microsoft
CVE-2006-0032 (Cross-site scripting (XSS) vulnerability in the Indexing Service in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-0031 (Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, ...)
NOT-FOR-US: Microsoft
CVE-2006-0030 (Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in ...)
@@ -13961,7 +13962,7 @@
CVE-2006-0002 (Unspecified vulnerability in Microsoft Outlook 2000 through 2003, ...)
NOT-FOR-US: Microsoft
CVE-2006-0001 (Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2005-3714 (The network interface for Apple AirPort Express 6.x before Firmware ...)
NOT-FOR-US: Apple AirPort
CVE-2005-3713 (Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows ...)
More information about the Secure-testing-commits
mailing list