[Secure-testing-commits] r6235 - data/CVE

fw at alioth.debian.org fw at alioth.debian.org
Sat Aug 4 12:02:45 UTC 2007


Author: fw
Date: 2007-08-04 12:02:45 +0000 (Sat, 04 Aug 2007)
New Revision: 6235

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-04 12:02:22 UTC (rev 6234)
+++ data/CVE/list	2007-08-04 12:02:45 UTC (rev 6235)
@@ -1288,15 +1288,15 @@
 CVE-2006-7218 (eZ publish before 3.8.1 does not properly enforce permissions for ...)
 	- ezpublish <not-affected> (Debian's version is too old)
 CVE-2006-7217 (Apache Derby before 10.2.1.6 does not determine schema privilege ...)
-	TODO: check
+	NOT-FOR-US: Apache Derby
 CVE-2006-7216 (Apache Derby before 10.2.1.6 does not determine privilege requirements ...)
-	TODO: check
+	NOT-FOR-US: Apache Derby
 CVE-2006-7215 (The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop ...)
-	TODO: check
+	NOT-FOR-US: Intel processor
 CVE-2005-4859 (mimicboard2 (Mimic2) 086 and earlier stores sensitive information ...)
-	TODO: check
+	NOT-FOR-US: mimicboard2
 CVE-2005-4858 (Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in ...)
-	TODO: check
+	NOT-FOR-US: mimicboard2
 CVE-2005-4857 (eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and ...)
 	- ezpublish <not-affected> (Debian's version is too old)
 CVE-2005-4856 (The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, ...)
@@ -1314,7 +1314,7 @@
 CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit and ...)
 	TODO: check
 CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2) password ...)
-	TODO: check
+	NOT-FOR-US: Apache Derby
 CVE-2004-2682 (PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which ...)
 	- matrixssl 1.1-1
 CVE-2004-2681 (PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely ...)
@@ -13784,21 +13784,21 @@
 CVE-2006-5279
 	RESERVED
 CVE-2006-5278 (Integer overflow in the Real-Time Information Server (RIS) Data ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2006-5277 (Off-by-one error in the Certificate Trust List (CTL) Provider service ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2006-5276 (Stack-based buffer overflow in the DCE/RPC preprocessor in Snort ...)
 	- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC preprocessor)
 CVE-2006-5275
 	RESERVED
 CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...)
 	NOT-FOR-US: Microsoft
 CVE-2006-5269
@@ -16275,7 +16275,7 @@
 CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly enforce ...)
 	NOT-FOR-US: SmartLine DeviceLock
 CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions ...)
 	{DSA-1196-1}
 	- clamav 0.88.5-1 (high; bug #393445)




More information about the Secure-testing-commits mailing list