[Secure-testing-commits] r8150 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Wed Feb 13 16:14:47 UTC 2008 

Author: nion
Date: 2008-02-13 16:14:46 +0000 (Wed, 13 Feb 2008)
New Revision: 8150

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-0728 fixed in clamav 0.92.1~dfsg-1
CVE-2008-0720 webmin has an itp


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-02-13 14:28:23 UTC (rev 8149)
+++ data/CVE/list	2008-02-13 16:14:46 UTC (rev 8150)
@@ -1,41 +1,41 @@
 CVE-2008-0732 (The init script for Apache Geronimo on SUSE Linux follows symlinks ...)
-	TODO: check
+	NOT-FOR-US: Apache Geronimo
 CVE-2008-0731 (The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not ...)
-	TODO: check
+	NOT-FOR-US: SuSE kernel/apparmor
 CVE-2008-0730 (The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2008-0729 (Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iPhone
 CVE-2008-0728 (libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown ...)
-	TODO: check
+	- clamav 0.92.1~dfsg-1
 CVE-2008-0727
 	RESERVED
 CVE-2008-0726 (Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2008-0725 (Multiple heap-based buffer overflows in the (1) FTP service and (2) ...)
-	TODO: check
+	NOT-FOR-US: Titan FTP Server
 CVE-2008-0724 (The Everything Development Engine in The Everything Development System ...)
-	TODO: check
+	NOT-FOR-US: The Everything Development System
 CVE-2008-0723 (Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews ...)
-	TODO: check
+	NOT-FOR-US: MyNews
 CVE-2008-0722 (Cross-site scripting (XSS) vulnerability in index.php in Pagetool ...)
-	TODO: check
+	NOT-FOR-US: Pagetool
 CVE-2008-0721 (SQL injection vulnerability in index.php in the Sermon (com_sermon) ...)
-	TODO: check
+	NOT-FOR-US: Sermon component for Mambo
 CVE-2008-0720 (Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and ...)
-	TODO: check
+	- webmin <itp> (bug #377948)
 CVE-2008-0719 (SQL injection vulnerability in customer_testimonials.php in the ...)
-	TODO: check
+	NOT-FOR-US: osCommerce Online Merchant
 CVE-2008-0718 (Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2008-0717 (Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Edge Server
 CVE-2008-0716 (The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 ...)
-	TODO: check
+	NOT-FOR-US: Symantec Altiris Notification Server
 CVE-2008-0715 (Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows ...)
-	TODO: check
+	NOT-FOR-US: ACDSee
 CVE-2008-0714 (SQL injection vulnerability in users.php in Mihalism Multi Host allows ...)
-	TODO: check
+	NOT-FOR-US: Mihalism Multi Host
 CVE-2008-0713
 	RESERVED
 CVE-2008-0712
@@ -57,35 +57,35 @@
 CVE-2008-0704
 	RESERVED
 CVE-2008-0703 (Multiple directory traversal vulnerabilities in sflog! 0.96 allow ...)
-	TODO: check
+	NOT-FOR-US: sflog!
 CVE-2008-0702 (Multiple heap-based buffer overflows in Titan FTP Server 6.03 and ...)
-	TODO: check
+	NOT-FOR-US: Titan FTP Server
 CVE-2008-0701 (ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check ...)
-	TODO: check
+	NOT-FOR-US: Magnolia CE
 CVE-2008-0700 (Cross-site scripting (XSS) vulnerability in search.php in Crux ...)
-	TODO: check
+	NOT-FOR-US: CruxCMS
 CVE-2008-0699 (Unspecified vulnerability in SYSPROC.ADMIN_SP_C in IBM DB2 UDB before ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-0698 (Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-0697 (Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-0696 (IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2008-0695 (SQL injection vulnerability in index.php in BookmarkX script 2007 ...)
-	TODO: check
+	NOT-FOR-US: BookmarkX
 CVE-2008-0694 (Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM OS/400 V5R3M0 and V5R4M0
 CVE-2008-0693 (Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 ...)
-	TODO: check
+	NOT-FOR-US: Print Manager Plus
 CVE-2008-0692 (SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and ...)
-	TODO: check
+	NOT-FOR-US: iTechBids
 CVE-2008-0691 (Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php ...)
-	TODO: check
+	NOT-FOR-US: WP-Footnotes plugin for WordPress
 CVE-2008-0690 (SQL injection vulnerability in index.php in the mosDirectory ...)
-	TODO: check
+	NOT-FOR-US: mosDirectory component for Joomla!
 CVE-2008-0689 (SQL injection vulnerability in index.php in the Marketplace ...)
-	TODO: check
+	NOT-FOR-US: Marketplace component for Joomla!
 CVE-2008-0688 (Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript ...)
 	TODO: check
 CVE-2008-0687 (Cross-site scripting (XSS) vulnerability in ...)

More information about the Secure-testing-commits mailing list