[Secure-testing-commits] r10044 - data/CVE

kees at alioth.debian.org kees at alioth.debian.org
Wed Oct 8 20:21:19 UTC 2008 

Author: kees
Date: 2008-10-08 20:21:18 +0000 (Wed, 08 Oct 2008)
New Revision: 10044

Modified:
   data/CVE/list
Log:
NFUs: 25

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-10-08 20:16:24 UTC (rev 10043)
+++ data/CVE/list	2008-10-08 20:21:18 UTC (rev 10044)
@@ -1,3 +1,25 @@
+CVE-2008-4490
+	NOT-FOR-US: phpAbook
+CVE-2008-4489
+	NOT-FOR-US: Atarone CMS
+CVE-2008-4488
+	NOT-FOR-US: Atarone CMS
+CVE-2008-4487
+	NOT-FOR-US: Atarone CMS
+CVE-2008-4486
+	NOT-FOR-US: SACphp
+CVE-2008-4485
+	NOT-FOR-US: Blue Coat Security Gateway OS
+CVE-2008-4484
+	NOT-FOR-US: Crux Gallery
+CVE-2008-4483
+	NOT-FOR-US: Crux Gallery
+CVE-2008-4481
+	NOT-FOR-US: Redmine
+CVE-2008-4472
+	NOT-FOR-US: LiveUpdate ActiveX
+CVE-2008-4471
+	NOT-FOR-US: DWF Viewer ActiveX
 CVE-2008-4470 (Stack-based buffer overflow in Numark CUE 5.0 rev2 allows ...)
 	NOT-FOR-US: Numark
 CVE-2008-4469 (SQL injection vulnerability in view_cresume.php in Vastal I-Tech ...)
@@ -93,9 +115,9 @@
 CVE-2008-4423 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...)
 	NOT-FOR-US: Ovidentia
 CVE-2008-4422
-	RESERVED
+	NOT-FOR-US: ** REJECT **
 CVE-2008-4421
-	RESERVED
+	NOT-FOR-US: MetaGauge
 CVE-2008-4420
 	RESERVED
 CVE-2008-4419
@@ -127,7 +149,7 @@
 CVE-2008-4405 (libvirt 0.3.3 relies on files located under subdirectories of ...)
 	TODO: check
 CVE-2008-4404 (The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM ...)
-	TODO: check
+	NOT-FOR-US: IPv6 NDP on IBM zSeries
 CVE-2008-4403 (The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before ...)
 	NOT-FOR-US: Trend Micro OfficeScan
 CVE-2008-4402 (Multiple buffer overflows in CGI modules in the server in Trend Micro ...)
@@ -201,7 +223,7 @@
 CVE-2008-4394
 	RESERVED
 CVE-2008-4393
-	RESERVED
+	NOT-FOR-US: VeriSign Kontiki
 CVE-2008-4392
 	RESERVED
 CVE-2008-4391
@@ -219,7 +241,7 @@
 CVE-2008-4385
 	RESERVED
 CVE-2008-4384
-	RESERVED
+	NOT-FOR-US: LPViewer ActiveX
 CVE-2008-4383 (Stack-based buffer overflow in the Agranet-Emweb embedded management ...)
 	NOT-FOR-US: Agranet-Emweb
 CVE-2008-4382 (Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of ...)
@@ -254,7 +276,7 @@
 CVE-2008-4369 (SQL injection vulnerability in pics.php in Availscript Photo Album ...)
 	NOT-FOR-US: Availscript
 CVE-2008-4368 (The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and ...)
-	TODO: check
+	NOT-FOR-US: Java on OSX
 CVE-2008-4367
 	RESERVED
 CVE-2008-XXXX [liquidsoap: insecure temp file]
@@ -470,7 +492,7 @@
 CVE-2008-4279 (Unspecified vulnerability in the CPU hardware emulation for 64-bit ...)
 	TODO: check
 CVE-2008-4278 (VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows ...)
-	TODO: check
+	NOT-FOR-US: VMWare VirtualCenter
 CVE-2008-4277
 	RESERVED
 CVE-2008-4276
@@ -2109,9 +2131,9 @@
 CVE-2008-3639
 	RESERVED
 CVE-2008-3638 (Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from ...)
-	TODO: check
+	NOT-FOR-US: Mac OSX
 CVE-2008-3637 (The Hash-based Message Authentication Code (HMAC) provider in Java on ...)
-	TODO: check
+	NOT-FOR-US: Mac OSX
 CVE-2008-3636 (Integer overflow in an unspecified third-party driver bundled with ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2008-3635 (Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an ...)
@@ -2300,7 +2322,7 @@
 CVE-2008-3544
 	RESERVED
 CVE-2008-3543
-	RESERVED
+	NOT-FOR-US: HP-UX
 CVE-2008-3542 (Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 ...)
 	NOT-FOR-US: HP Insight Diagnostics
 CVE-2008-3541
@@ -3416,13 +3438,13 @@
 CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise, ...)
 	NOT-FOR-US: RealNetworks RealPlayer Enterprise
 CVE-2008-3063
-	RESERVED
+	NOT-FOR-US: V-webmail
 CVE-2008-3062
 	RESERVED
 CVE-2008-3061
-	RESERVED
+	NOT-FOR-US: V-webmail
 CVE-2008-3060
-	RESERVED
+	NOT-FOR-US: V-webmail
 CVE-2008-3059
 	RESERVED
 CVE-2008-3058
@@ -4758,7 +4780,7 @@
 CVE-2008-2477 (SQL injection vulnerability in index.php in MxBB (aka MX-System) ...)
 	NOT-FOR-US: MxBB (MX-System)
 CVE-2008-2476 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) ...)
-	TODO: check
+	NOT-FOR-US: IPv6 NDP flaw not affecting Linux
 CVE-2008-2475
 	RESERVED
 CVE-2008-2474 (Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit ...)

More information about the Secure-testing-commits mailing list