[Secure-testing-commits] r9343 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Jul 16 09:14:15 UTC 2008 

Author: joeyh
Date: 2008-07-16 09:14:14 +0000 (Wed, 16 Jul 2008)
New Revision: 9343

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-16 02:55:22 UTC (rev 9342)
+++ data/CVE/list	2008-07-16 09:14:14 UTC (rev 9343)
@@ -1,3 +1,139 @@
+CVE-2008-3186 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog ...)
+	TODO: check
+CVE-2008-3185 (SQL injection vulnerability in index.php in Relative Real Estate ...)
+	TODO: check
+CVE-2008-3184 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin ...)
+	TODO: check
+CVE-2008-3183 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2008-3182 (Stack-based buffer overflow in DAP.exe in Download Accelerator Plus ...)
+	TODO: check
+CVE-2008-3181 (Unrestricted file upload vulnerability in upload.php in ContentNow CMS ...)
+	TODO: check
+CVE-2008-3180 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2008-3179 (Directory traversal vulnerability in website.php in Web 2 Business ...)
+	TODO: check
+CVE-2008-3178 (Unrestricted file upload vulnerability in upload_pictures.php in ...)
+	TODO: check
+CVE-2008-3177 (Sophos virus detection engine 2.75 on Linux and Unix, as used in ...)
+	TODO: check
+CVE-2008-3176
+	RESERVED
+CVE-2008-3175
+	RESERVED
+CVE-2008-3174
+	RESERVED
+CVE-2008-3173 (Microsoft Internet Explorer allows web sites to set cookies for ...)
+	TODO: check
+CVE-2008-3172 (Opera allows web sites to set cookies for country-specific top-level ...)
+	TODO: check
+CVE-2008-3171 (Apple Safari sends Referer headers containing https URLs to different ...)
+	TODO: check
+CVE-2008-3170 (Apple Safari allows web sites to set cookies for country-specific ...)
+	TODO: check
+CVE-2008-3169 (Multiple heap-based buffer overflows in Empire Server before 4.3.15 ...)
+	TODO: check
+CVE-2008-3168 (The files utility in Empire Server before 4.3.15 discloses the world ...)
+	TODO: check
+CVE-2008-3167 (Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin ...)
+	TODO: check
+CVE-2008-3166 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2008-3165 (Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a ...)
+	TODO: check
+CVE-2008-3164 (Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, ...)
+	TODO: check
+CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 ...)
+	TODO: check
+CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in ...)
+	TODO: check
+CVE-2008-3161 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2008-3160 (Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before ...)
+	TODO: check
+CVE-2008-3159 (Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory ...)
+	TODO: check
+CVE-2008-3158 (Unspecified vulnerability in NWFS.SYS in Novell Client for Windows ...)
+	TODO: check
+CVE-2008-3157 (Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit ...)
+	TODO: check
+CVE-2008-3156 (The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan ...)
+	TODO: check
+CVE-2008-3155 (Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in ...)
+	TODO: check
+CVE-2008-3154 (SQL injection vulnerability in index.php in WebBlizzard CMS allows ...)
+	TODO: check
+CVE-2008-3153 (SQL injection vulnerability in Triton CMS Pro allows remote attackers ...)
+	TODO: check
+CVE-2008-3152 (SQL injection vulnerability in directory.php in SmartPPC and SmartPPC ...)
+	TODO: check
+CVE-2008-3151 (SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke ...)
+	TODO: check
+CVE-2008-3150 (Directory traversal vulnerability in index.php in Neutrino Atomic ...)
+	TODO: check
+CVE-2008-3149 (The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote ...)
+	TODO: check
+CVE-2008-3148 (Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f ...)
+	TODO: check
+CVE-2008-3147 (WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) ...)
+	TODO: check
+CVE-2008-3146
+	RESERVED
+CVE-2008-3144
+	RESERVED
+CVE-2008-3143
+	RESERVED
+CVE-2008-3142
+	RESERVED
+CVE-2008-3136 (SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x ...)
+	TODO: check
+CVE-2008-3135 (Soldner Secret Wars 33724 and earlier allows remote attackers to cause ...)
+	TODO: check
+CVE-2008-3134 (Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 ...)
+	TODO: check
+CVE-2008-3133 (SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, ...)
+	TODO: check
+CVE-2008-3132 (SQL injection vulnerability in the beamospetition (com_beamospetition) ...)
+	TODO: check
+CVE-2008-3131 (SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when ...)
+	TODO: check
+CVE-2008-3130 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2008-3129 (Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta ...)
+	TODO: check
+CVE-2008-3128 (Directory traversal vulnerability in search.php in Pivot 1.40.5 allows ...)
+	TODO: check
+CVE-2008-3127 (PHP remote file inclusion vulnerability in hioxBannerRotate.php in ...)
+	TODO: check
+CVE-2008-3126 (Multiple stack-based buffer overflows in the ServerView web interface ...)
+	TODO: check
+CVE-2008-3125 (SQL injection vulnerability in index.php in Mole Group Lastminute ...)
+	TODO: check
+CVE-2008-3124 (SQL injection vulnerability in index.php in Mole Group Hotel Script ...)
+	TODO: check
+CVE-2008-3123 (SQL injection vulnerability in index.php in Mole Group Real Estate ...)
+	TODO: check
+CVE-2008-3122 (Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) ...)
+	TODO: check
+CVE-2008-3121 (Multiple cross-site scripting (XSS) vulnerabilities in Xerox ...)
+	TODO: check
+CVE-2008-3120 (Directory traversal vulnerability in user_portal.php in Dokeos 1.8.5, ...)
+	TODO: check
+CVE-2008-3119 (SQL injection vulnerability in index.php in DreamPics Builder allows ...)
+	TODO: check
+CVE-2008-3118 (SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier ...)
+	TODO: check
+CVE-2008-3117 (Unrestricted file upload vulnerability in update_profile.php in ...)
+	TODO: check
+CVE-2008-3116 (Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou ...)
+	TODO: check
+CVE-2003-1561 (Opera, probably before 7.50, sends Referer headers containing https:// ...)
+	TODO: check
+CVE-2003-1560 (Netscape 4 sends Referer headers containing https:// URLs in requests ...)
+	TODO: check
+CVE-2003-1559 (Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, ...)
+	TODO: check
 CVE-2008-XXXX [buffer overflow in XAUTHORITY handling in op]
 	- op <not-affected> (not configured with xauth support)
 CVE-2008-XXXX [several issues in last upstream announcement]
@@ -7,6 +143,7 @@
 	NOTE: Upstream advisory states that drupal5 is only affected to a few of the issues
 	NOTE: drupal-4.7 is not mentioned as vulnerable
 CVE-2008-3145 [DoS via injecting a series of malformed packets]
+	RESERVED
 	- wireshark <unfixed> (low)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-04.html
 CVE-2008-3115 (Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and ...)
@@ -574,19 +711,19 @@
 	- gaim 1:2.0.0+fake.1
 	NOTE: gaim is now a transitional package depending on pidgin with its own source package
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=453764
-CVE-2008-3137 [GSM SMS dissector in wireshark allows a DoS]
+CVE-2008-3137 (The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through ...)
 	- wireshark 1.0.1-1 (low; bug #488834)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3138 [The (1) PANA and (2) KISMET dissectors in Wireshark allow a DoS]
+CVE-2008-3138 (The (1) PANA and (2) KISMET dissectors in Wireshark (formerly ...)
 	- wireshark 1.0.1-1 (low; bug #488834)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3139 [The RTMPT dissector in Wireshark allows a DoS]
+CVE-2008-3139 (The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through ...)
 	- wireshark 1.0.1-1 (low; bug #488834)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3140 [The syslog dissector in Wireshark allows a DoS]
+CVE-2008-3140 (The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows ...)
 	- wireshark 1.0.1-1 (low; bug #488834)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
-CVE-2008-3141 [The RMI dissector in Wireshark allows a DoS]
+CVE-2008-3141 (Unspecified vulnerability in the RMI dissector in Wireshark (formerly ...)
 	- wireshark 1.0.1-1 (low; bug #488834)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2008-03.html
 CVE-2008-XXXX [dnsmasq crash on renewing non-existent lease]
@@ -1146,100 +1283,100 @@
 	RESERVED
 CVE-2008-2623
 	RESERVED
-CVE-2008-2622
-	RESERVED
-CVE-2008-2621
-	RESERVED
-CVE-2008-2620
-	RESERVED
+CVE-2008-2622 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2621 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2620 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
 CVE-2008-2619
 	RESERVED
-CVE-2008-2618
-	RESERVED
-CVE-2008-2617
-	RESERVED
-CVE-2008-2616
-	RESERVED
-CVE-2008-2615
-	RESERVED
-CVE-2008-2614
-	RESERVED
-CVE-2008-2613
-	RESERVED
-CVE-2008-2612
-	RESERVED
-CVE-2008-2611
-	RESERVED
-CVE-2008-2610
-	RESERVED
-CVE-2008-2609
-	RESERVED
-CVE-2008-2608
-	RESERVED
-CVE-2008-2607
-	RESERVED
-CVE-2008-2606
-	RESERVED
-CVE-2008-2605
-	RESERVED
-CVE-2008-2604
-	RESERVED
-CVE-2008-2603
-	RESERVED
-CVE-2008-2602
-	RESERVED
-CVE-2008-2601
-	RESERVED
-CVE-2008-2600
-	RESERVED
-CVE-2008-2599
-	RESERVED
-CVE-2008-2598
-	RESERVED
-CVE-2008-2597
-	RESERVED
-CVE-2008-2596
-	RESERVED
-CVE-2008-2595
-	RESERVED
-CVE-2008-2594
-	RESERVED
-CVE-2008-2593
-	RESERVED
-CVE-2008-2592
-	RESERVED
-CVE-2008-2591
-	RESERVED
-CVE-2008-2590
-	RESERVED
-CVE-2008-2589
-	RESERVED
+CVE-2008-2618 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2617 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2616 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2615 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
+	TODO: check
+CVE-2008-2614 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
+	TODO: check
+CVE-2008-2613 (Unspecified vulnerability in the Database Scheduler component in ...)
+	TODO: check
+CVE-2008-2612 (Unspecified vulnerability in the Hyperion BI Plus component in Oracle ...)
+	TODO: check
+CVE-2008-2611 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
+	TODO: check
+CVE-2008-2610 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
+	TODO: check
+CVE-2008-2609 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+	TODO: check
+CVE-2008-2608 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+	TODO: check
+CVE-2008-2607 (Unspecified vulnerability in the Advanced Queuing component in Oracle ...)
+	TODO: check
+CVE-2008-2606 (Unspecified vulnerability in the Oracle Application Object Library ...)
+	TODO: check
+CVE-2008-2605 (Unspecified vulnerability in the Authentication component in Oracle ...)
+	TODO: check
+CVE-2008-2604 (Unspecified vulnerability in the Authentication component in Oracle ...)
+	TODO: check
+CVE-2008-2603 (Unspecified vulnerability in the Resource Manager component in Oracle ...)
+	TODO: check
+CVE-2008-2602 (Unspecified vulnerability in the Data Pump component in Oracle ...)
+	TODO: check
+CVE-2008-2601 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+	TODO: check
+CVE-2008-2600 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
+	TODO: check
+CVE-2008-2599 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+	TODO: check
+CVE-2008-2598 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+	TODO: check
+CVE-2008-2597 (Unspecified vulnerability in the TimesTen Client/Server component in ...)
+	TODO: check
+CVE-2008-2596 (Unspecified vulnerability in the Mobile Application Server component ...)
+	TODO: check
+CVE-2008-2595 (Unspecified vulnerability in the Oracle Internet Directory component ...)
+	TODO: check
+CVE-2008-2594 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+	TODO: check
+CVE-2008-2593 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+	TODO: check
+CVE-2008-2592 (Unspecified vulnerability ...)
+	TODO: check
+CVE-2008-2591 (Unspecified vulnerability in the Oracle Database Vault component in ...)
+	TODO: check
+CVE-2008-2590 (Unspecified vulnerability in the Instance Management component in ...)
+	TODO: check
+CVE-2008-2589 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
+	TODO: check
 CVE-2008-2588
 	RESERVED
-CVE-2008-2587
-	RESERVED
-CVE-2008-2586
-	RESERVED
-CVE-2008-2585
-	RESERVED
+CVE-2008-2587 (Unspecified vulnerability in the Advanced Replication component in ...)
+	TODO: check
+CVE-2008-2586 (Unspecified vulnerability in the Oracle Application Object Library ...)
+	TODO: check
+CVE-2008-2585 (Unspecified vulnerability in the Oracle Report Manager component in ...)
+	TODO: check
 CVE-2008-2584
 	RESERVED
-CVE-2008-2583
-	RESERVED
-CVE-2008-2582
-	RESERVED
-CVE-2008-2581
-	RESERVED
-CVE-2008-2580
-	RESERVED
-CVE-2008-2579
-	RESERVED
-CVE-2008-2578
-	RESERVED
-CVE-2008-2577
-	RESERVED
-CVE-2008-2576
-	RESERVED
+CVE-2008-2583 (Unspecified vulnerability in the sample Discussion Forum Portlet for ...)
+	TODO: check
+CVE-2008-2582 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
+CVE-2008-2581 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
+CVE-2008-2580 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
+CVE-2008-2579 (Unspecified vulnerability in the WebLogic Server Plugins for Apache, ...)
+	TODO: check
+CVE-2008-2578 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
+CVE-2008-2577 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
+CVE-2008-2576 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
+	TODO: check
 CVE-2008-2574 (Unrestricted file upload vulnerability in admin/Editor/imgupload.php ...)
 	NOT-FOR-US: FlashBlog
 CVE-2008-2573 (Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote ...)
@@ -1792,10 +1929,10 @@
 	RESERVED
 CVE-2008-2319
 	RESERVED
-CVE-2008-2318
-	RESERVED
-CVE-2008-2317
-	RESERVED
+CVE-2008-2318 (The WOHyperlink implementation in WebObjects in Apple Xcode tools ...)
+	TODO: check
+CVE-2008-2317 (Unspecified vulnerability in WebCore in Safari on Apple iPhone before ...)
+	TODO: check
 CVE-2008-2316
 	RESERVED
 CVE-2008-2315
@@ -1821,10 +1958,10 @@
 	NOT-FOR-US: Windows issue
 CVE-2008-2305
 	RESERVED
-CVE-2008-2304
-	RESERVED
-CVE-2008-2303
-	RESERVED
+CVE-2008-2304 (Buffer overflow in Apple Core Image Fun House 2.0 and earlier in ...)
+	TODO: check
+CVE-2008-2303 (Integer signedness error in Safari on Apple iPhone before 2.0 and iPod ...)
+	TODO: check
 CVE-2008-2301 (SQL injection vulnerability in Kostenloses Linkmanagementscript allows ...)
 	NOT-FOR-US: Kostenloses Linkmanagementscript
 CVE-2008-2300 (Unspecified vulnerability in Citrix Presentation Server 4.5 and ...)
@@ -2328,7 +2465,7 @@
 CVE-2008-2080 (Stack-based buffer overflow in the Read32s_64 function in ...)
 	NOT-FOR-US: NASA Goddard Space Flight Center Common Data Format (CDF) library
 CVE-2008-2079 (MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, ...)
-	{DSA-1608-1}
+	{DSA-1608-1 DTSA-150-1}
 	- mysql-dfsg-5.0 <unfixed> (low; bug #480292)
 CVE-2008-2078 (Robocode before 1.6.0 allows user-assisted remote attackers to &quot;access ...)
 	- robocode 1.6.0~beta2-1 (low)
@@ -2934,8 +3071,8 @@
 	NOT-FOR-US: Oracle
 CVE-2008-1810
 	RESERVED
-CVE-2008-1809
-	RESERVED
+CVE-2008-1809 (Heap-based buffer overflow in Novell eDirectory 8.7.3 before ...)
+	TODO: check
 CVE-2008-1808 (Multiple off-by-one errors in FreeType2 before 2.3.6 allow ...)
 	{DTSA-139-1}
 	- freetype 2.3.6-1 (low; bug #485841)
@@ -3256,8 +3393,7 @@
 	{DSA-1551-1}
 	- python2.4 2.4.5-2
 	- python2.5 2.5.2-3
-CVE-2008-1678 [apache2 mod_ssl DoS (memory leak)]
-	RESERVED
+CVE-2008-1678 (Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c ...)
 	{DTSA-131-1}
 	- apache2 2.2.8-4
 	[etch] - apache2 <not-affected> (only a problem with openssl 0.9.8f or later)
@@ -3463,12 +3599,12 @@
 	NOT-FOR-US: IBM WebSphere
 CVE-2008-1591 (The pnVarPrepForStore function in PostNuke 0.764 and earlier skips ...)
 	NOT-FOR-US: PostNuke
-CVE-2008-1590
-	RESERVED
-CVE-2008-1589
-	RESERVED
-CVE-2008-1588
-	RESERVED
+CVE-2008-1590 (JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch ...)
+	TODO: check
+CVE-2008-1589 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 ...)
+	TODO: check
+CVE-2008-1588 (Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows ...)
+	TODO: check
 CVE-2008-1587
 	RESERVED
 CVE-2008-1586
@@ -3778,7 +3914,7 @@
 	RESERVED
 CVE-2008-1455
 	RESERVED
-CVE-2008-1454 (Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, XP SP2 ...)
+CVE-2008-1454 (Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server ...)
 	NOT-FOR-US: Windows issue
 CVE-2008-1453 (The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista ...)
 	NOT-FOR-US: Windows Xp
@@ -7028,9 +7164,9 @@
 	NOT-FOR-US: Microsoft Office
 CVE-2008-0108 (Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File ...)
 	NOT-FOR-US: Microsoft Office
-CVE-2008-0107 (Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, ...)
+CVE-2008-0107 (Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, ...)
 	NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0106 (Buffer overflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, ...)
+CVE-2008-0106 (Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 ...)
 	NOT-FOR-US: Microsoft SQL Server
 CVE-2008-0105 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, ...)
 	NOT-FOR-US: Microsoft Office
@@ -7090,9 +7226,9 @@
 	NOT-FOR-US: Windows
 CVE-2008-0087 (The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2008-0086 (Buffer overflow in the convert function in Microsoft SQL Server 7.0 ...)
+CVE-2008-0086 (Buffer overflow in the convert function in Microsoft SQL Server 2000 ...)
 	NOT-FOR-US: Microsoft SQL Server
-CVE-2008-0085 (Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data ...)
+CVE-2008-0085 (SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine ...)
 	NOT-FOR-US: Microsoft SQL Server
 CVE-2008-0084 (Unspecified vulnerability in the TCP/IP support in Microsoft Windows ...)
 	NOT-FOR-US: Windows

More information about the Secure-testing-commits mailing list