[Secure-testing-commits] r10365 - data/CVE
kees at alioth.debian.org
Tue Nov 11 17:24:24 UTC 2008
Author: kees
Date: 2008-11-11 17:24:22 +0000 (Tue, 11 Nov 2008)
New Revision: 10365
Modified:
data/CVE/list
Log:
NFUs: 20
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-11 12:41:29 UTC (rev 10364)
+++ data/CVE/list 2008-11-11 17:24:22 UTC (rev 10365)
@@ -1,3 +1,11 @@
+CVE-2008-5035
+ NOT-FOR-US: IBM Hardware Management Console
+CVE-2008-5026
+ NOT-FOR-US: Microsoft
+CVE-2008-5011
+ NOT-FOR-US: IBM Lotus Quickr
+CVE-2008-5009
+ NOT-FOR-US: Sun Solstice X.25
CVE-2008-5025 [kernel: one more hfsplus issue]
- linux-2.6 <unfixed>
- linux-2.6.24 <unfixed>
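Review bot: The new entries at the top of this hunk break the list's descending order: CVE-2008-5011 and CVE-2008-5009 are placed above CVE-2008-5025, while the visible context runs from higher to lower IDs. Move those two below CVE-2008-5025 at their numeric positions. The tag "NOT-FOR-US: Microsoft" on CVE-2008-5026 also names only a vendor where every other entry in this commit names a product; since these four entries carry no description text, the product name is the only way to verify the decision later.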
@@ -13,23 +21,23 @@
CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...)
TODO: check
CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...)
- TODO: check
+ NOT-FOR-US: myWebland Bloggie Lite
CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote ...)
- TODO: check
+ NOT-FOR-US: Shahrood
CVE-2008-5002 (Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ...)
- TODO: check
+ NOT-FOR-US: ActiveX
CVE-2008-5001 (Multiple stack-based buffer overflows in multiple functions in ...)
TODO: check
CVE-2008-5000 (SQL injection vulnerability in admin/includes/news.inc.php in PHPX ...)
- TODO: check
+ NOT-FOR-US: PHPX
CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Nortel Networks UNIStim IP Phone
CVE-2008-4997 (** DISPUTED ** ...)
- datafreedom-perl <unfixed> (unimportant; bug #496429)
CVE-2008-4996 (** DISPUTED ** ...)
- initramfs-tools <unfixed> (unimportant; bug #496386)
CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and ...)
- TODO: check
+ NOT-FOR-US: Sun System Firmware
CVE-2008-XXXX [ClamAV get_unicode_name() off-by-one buffer overflow]
- clamav <unfixed> (bug #505134)
CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...)
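Review bot: The tag "NOT-FOR-US: ActiveX" on CVE-2008-5002 names a technology rather than the affected product, so it cannot be searched or re-checked by product name later. The description identifies the component as ChilkatCrypt2; use that in the tag, in line with the other entries in this hunk (Bloggie Lite, Shahrood, PHPX), which all name the product.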
@@ -124,7 +132,7 @@
CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...)
NOT-FOR-US: Chattaitaliano Istant-Replay
CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Sun Java Web Start
CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...)
NOT-FOR-US: CompactCMS
CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...)
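Review bot: The NOT-FOR-US tag on CVE-2008-4910 covers Sun Java Web Start, which is a component of the Sun Java runtime rather than a standalone product. Confirm that no Sun Java package in the archive ships it before closing this as NFU; if one does, the entry should be tracked against that source package instead.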
@@ -317,7 +325,7 @@
CVE-2008-4832
RESERVED
CVE-2008-4831 (Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2008-4830
RESERVED
CVE-2008-4829
@@ -339,7 +347,7 @@
CVE-2008-4821 (Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is ...)
TODO: check
CVE-2008-4820 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...)
- TODO: check
+ NOT-FOR-US: Flash Player ActiveX control
CVE-2008-4819 (Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier ...)
TODO: check
CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...)
@@ -347,7 +355,7 @@
CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...)
TODO: check
CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader on Windows
CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...)
TODO: check
CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...)
@@ -355,7 +363,7 @@
CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier allow remote attackers to ...)
TODO: check
CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...)
- TODO: check
+ NOT-FOR-US: Adobe Reader Explorer extension
CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...)
- smarty <unfixed> (bug #504328)
- moodle 1.8.2-2 (bug #504345)
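Review bot: The tag on CVE-2008-4812 limits the issue to "Adobe Reader Explorer extension", but the description leads with "Adobe Reader and Acrobat" and the neighbouring Adobe Reader entries (CVE-2008-4813, CVE-2008-4814) are still "TODO: check". Confirm that the array index error is reachable only through the Explorer extension, or leave this one as TODO until the other Adobe Reader entries are decided the same way.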
@@ -1253,7 +1261,7 @@
CVE-2008-4415
RESERVED
CVE-2008-4414 (Unspecified vulnerability in the AdvFS showfile command in HP Tru64 ...)
- TODO: check
+ NOT-FOR-US: HP Tru64 UNIX
CVE-2008-4413 (Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 ...)
NOT-FOR-US: HP System Management Homepage
CVE-2008-4412 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...)
@@ -1355,7 +1363,7 @@
CVE-2008-4388
RESERVED
CVE-2008-4387
- RESERVED
+ NOT-FOR-US: ActiveX
CVE-2008-4386
RESERVED
CVE-2008-4385 (Husdawg, LLC Systems Requirements Lab 3 allows remote attackers to ...)
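Review bot: CVE-2008-4387 goes from RESERVED straight to "NOT-FOR-US: ActiveX" with no description on the entry, so nothing in the list supports the decision. Name the affected product in the tag rather than the technology, and add a short note on where the details came from so the NFU can be checked once the CVE description is published.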
@@ -1609,7 +1617,7 @@
CVE-2008-4282
RESERVED
CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ...)
- TODO: check
+ NOT-FOR-US: VMWare ESXi
CVE-2008-4280
RESERVED
CVE-2008-4279 (The CPU hardware emulation for 64-bit guest operating systems in ...)
@@ -2602,9 +2610,9 @@
CVE-2008-3869
RESERVED
CVE-2008-3868 (Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 ...)
- TODO: check
+ NOT-FOR-US: Interact
CVE-2008-3867 (SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 ...)
- TODO: check
+ NOT-FOR-US: Interact
CVE-2008-3866
RESERVED
CVE-2008-3865