[Secure-testing-commits] r9345 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Jul 16 11:43:28 UTC 2008
Author: nion
Date: 2008-07-16 11:43:27 +0000 (Wed, 16 Jul 2008)
New Revision: 9345
Modified:
data/CVE/list
Log:
NFUs
cveified ffmpeg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-16 09:33:55 UTC (rev 9344)
+++ data/CVE/list 2008-07-16 11:43:27 UTC (rev 9345)
@@ -1,23 +1,23 @@
CVE-2008-3186 (Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog ...)
- TODO: check
+ NOT-FOR-US: Chipmunk Blog
CVE-2008-3185 (SQL injection vulnerability in index.php in Relative Real Estate ...)
- TODO: check
+ NOT-FOR-US: Relative Real Estate Systems
CVE-2008-3184 (Multiple cross-site scripting (XSS) vulnerabilities in vBulletin ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2008-3183 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: gapicms
CVE-2008-3182 (Stack-based buffer overflow in DAP.exe in Download Accelerator Plus ...)
- TODO: check
+ NOT-FOR-US: Download Accelerator Plus
CVE-2008-3181 (Unrestricted file upload vulnerability in upload.php in ContentNow CMS ...)
- TODO: check
+ NOT-FOR-US: ContentNow CMS
CVE-2008-3180 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: ContentNow CMS
CVE-2008-3179 (Directory traversal vulnerability in website.php in Web 2 Business ...)
- TODO: check
+ NOT-FOR-US: phpDatingClub
CVE-2008-3178 (Unrestricted file upload vulnerability in upload_pictures.php in ...)
- TODO: check
+ NOT-FOR-US: WebXell Editor
CVE-2008-3177 (Sophos virus detection engine 2.75 on Linux and Unix, as used in ...)
- TODO: check
+ NOT-FOR-US: Sophos virus detection engine
CVE-2008-3176
RESERVED
CVE-2008-3175
@@ -25,57 +25,58 @@
CVE-2008-3174
RESERVED
CVE-2008-3173 (Microsoft Internet Explorer allows web sites to set cookies for ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2008-3172 (Opera allows web sites to set cookies for country-specific top-level ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2008-3171 (Apple Safari sends Referer headers containing https URLs to different ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2008-3170 (Apple Safari allows web sites to set cookies for country-specific ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2008-3169 (Multiple heap-based buffer overflows in Empire Server before 4.3.15 ...)
- TODO: check
+ NOT-FOR-US: Empire Server
CVE-2008-3168 (The files utility in Empire Server before 4.3.15 discloses the world ...)
- TODO: check
+ NOT-FOR-US: Empire Server
CVE-2008-3167 (Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin ...)
- TODO: check
+ NOT-FOR-US: BoonEx Dolphin
CVE-2008-3166 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: BoonEx Ray
CVE-2008-3165 (Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a ...)
- TODO: check
+ NOT-FOR-US: fuzzylime
CVE-2008-3164 (Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, ...)
- TODO: check
+ NOT-FOR-US: fuzzylime
CVE-2008-3163 (Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 ...)
- TODO: check
+ NOT-FOR-US: DodosMail
CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in ...)
- TODO: check
+ - ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
+ TODO: Check the various embedders in Etch, horray for librification in Lenny
CVE-2008-3161 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: IBM Maximo
CVE-2008-3160 (Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before ...)
- TODO: check
+ NOT-FOR-US: IBM Data ONTAP
CVE-2008-3159 (Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory ...)
- TODO: check
+ NOT-FOR-US: eDirectory
CVE-2008-3158 (Unspecified vulnerability in NWFS.SYS in Novell Client for Windows ...)
- TODO: check
+ NOT-FOR-US: Novell Client for Windows
CVE-2008-3157 (Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit ...)
- TODO: check
+ NOT-FOR-US: Nortel SIP Multimedia PC Client
CVE-2008-3156 (The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan ...)
- TODO: check
+ NOT-FOR-US: Panda ActiveScan
CVE-2008-3155 (Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in ...)
- TODO: check
+ NOT-FOR-US: Panda ActiveScan
CVE-2008-3154 (SQL injection vulnerability in index.php in WebBlizzard CMS allows ...)
- TODO: check
+ NOT-FOR-US: WebBlizzard CMS
CVE-2008-3153 (SQL injection vulnerability in Triton CMS Pro allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Triton CMS Pro
CVE-2008-3152 (SQL injection vulnerability in directory.php in SmartPPC and SmartPPC ...)
- TODO: check
+ NOT-FOR-US: SmartPPC
CVE-2008-3151 (SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke ...)
- TODO: check
+ NOT-FOR-US: PHP-NUke
CVE-2008-3150 (Directory traversal vulnerability in index.php in Neutrino Atomic ...)
- TODO: check
+ NOT-FOR-US: Neutrino Atomic Edition
CVE-2008-3149 (The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote ...)
- TODO: check
+ NOT-FOR-US: F5 FirePass
CVE-2008-3148 (Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f ...)
- TODO: check
+ NOT-FOR-US: OllyDBG/ImpREC
CVE-2008-3147 (WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) ...)
TODO: check
CVE-2008-3146
@@ -258,11 +259,6 @@
NOT-FOR-US: MyBB
CVE-2008-3069 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB before ...)
NOT-FOR-US: MyBB
-CVE-2008-XXXX [ffmpeg STR demuxer buffer overflow]
- - ffmpeg-debian 0.svn20080206-10 (bug #489965; low)
- NOTE: http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993
- NOTE: CVE id requested
- TODO: Check the various embedders in Etch, horray for librification in Lenny
CVE-2008-3068 (Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, ...)
NOT-FOR-US: Microsoft Crypto API
CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...)
More information about the Secure-testing-commits
mailing list