[Secure-testing-commits] r10095 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Wed Oct 15 19:13:18 UTC 2008
Author: stef-guest
Date: 2008-10-15 19:13:17 +0000 (Wed, 15 Oct 2008)
New Revision: 10095
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-15 15:30:07 UTC (rev 10094)
+++ data/CVE/list 2008-10-15 19:13:17 UTC (rev 10095)
@@ -1,7 +1,7 @@
CVE-2008-4557 (plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 ...)
- TODO: check
+ NOT-FOR-US: CuteNews.ru
CVE-2008-4556 (Stack-based buffer overflow in the adm_build_path function in sadmind ...)
- TODO: check
+ NOT-FOR-US: Sun Solstice AdminSuite
CVE-2008-4555 (Stack-based buffer overflow in the push_subg function in parser.y ...)
TODO: check
CVE-2008-4554
@@ -15,11 +15,11 @@
CVE-2008-4550
RESERVED
CVE-2008-4549 (The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ...)
- TODO: check
+ NOT-FOR-US: ImageShack Toolbar ActiveX control
CVE-2008-4548 (Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control ...)
- TODO: check
+ NOT-FOR-US: PTZCamPanelCtrl ActiveX control
CVE-2008-4547 (Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control ...)
- TODO: check
+ NOT-FOR-US: DVRHOST Web CMS
CVE-2008-4546 (Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 ...)
TODO: check
CVE-2008-4558 (Array index error in VLC media player 0.9.2 allows remote attackers to ...)
@@ -118,11 +118,11 @@
CVE-2008-4482 (The XML parser in Xerces-C++ before 3.0.0 allows context-dependent ...)
- xerces-c2 <unfixed> (low; bug #502102)
CVE-2008-4480 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x ...)
- TODO: check
+ NOT-FOR-US: Novell eDirectory
CVE-2008-4479 (Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 ...)
- TODO: check
+ NOT-FOR-US: Novell eDirectory
CVE-2008-4478 (Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 ...)
- TODO: check
+ NOT-FOR-US: Novell eDirectory
CVE-2008-4473
RESERVED
CVE-2008-4502 (Multiple PHP remote file inclusion vulnerabilities in DataFeedFile ...)
@@ -232,7 +232,7 @@
CVE-2008-4442
RESERVED
CVE-2008-4441 (The Marvell driver for the Linksys WAP4400N Wi-Fi access point with ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2008-4439 (PHP remote file inclusion vulnerability in admin/bin/patch.php in ...)
NOT-FOR-US: MartinWood Datafeed Studio
CVE-2008-4438 (Cross-site scripting (XSS) vulnerability in search.php in Datafeed ...)
@@ -329,13 +329,13 @@
CVE-2008-4401
RESERVED
CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2008-4399 (Unspecified vulnerability in the database engine service in ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2008-4398 (Unspecified vulnerability in the tape engine service in asdbapi.dll in ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2008-4397 (Directory traversal vulnerability in the RPC interface (asdbapi.dll) ...)
- TODO: check
+ NOT-FOR-US: CA ARCserve Backup
CVE-2008-4396 (Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and ...)
NOT-FOR-US: Safer Networking FileAlyzer
CVE-2008-XXXX [ltp: insecure temp file]
@@ -400,7 +400,7 @@
CVE-2008-4386
RESERVED
CVE-2008-4385 (Husdawg, LLC Systems Requirements Lab 3 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: LLC Systems Requirements Lab
CVE-2008-4384 (Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX ...)
NOT-FOR-US: LPViewer ActiveX
CVE-2008-4383 (Stack-based buffer overflow in the Agranet-Emweb embedded management ...)
@@ -1219,11 +1219,11 @@
CVE-2008-4039 (SQL injection vulnerability in index.php in Spice Classifieds allows ...)
NOT-FOR-US: Spice Classifieds
CVE-2008-4038 (Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-4037
RESERVED
CVE-2008-4036 (Integer overflow in Memory Manager in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-4035
RESERVED
CVE-2008-4034
@@ -1249,15 +1249,15 @@
CVE-2008-4024
RESERVED
CVE-2008-4023 (Active Directory in Microsoft Windows 2000 SP4 does not properly ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-4022
RESERVED
CVE-2008-4021
RESERVED
CVE-2008-4020 (Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2008-4019 (Integer overflow in the REPT function in Microsoft Excel 2000 SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2008-4109 (A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before ...)
{DSA-1638-1 CVE-2006-5051}
- openssh 1:4.6p1-1 (low)
@@ -1290,83 +1290,83 @@
CVE-2008-4014
RESERVED
CVE-2008-4013 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4012 (Unspecified vulnerability in the WebLogic Workshop component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4011 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4010 (Unspecified vulnerability in the WebLogic Workshop component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4009 (Unspecified vulnerability in the WebLogic Server component in BEA ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4008 (Unspecified vulnerability in the WebLogic Server Plugins for Apache ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2008-4007
RESERVED
CVE-2008-4006
RESERVED
CVE-2008-4005 (Unspecified vulnerability in the Oracle Application Express component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-4004 (Unspecified vulnerability in the JDE EnterpriseOne Business Service ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-4003 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-4002 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-4001 (Unspecified vulnerability in the PeopleSoft Enterprise Portal ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-4000 (Unspecified vulnerability in the PeopleTools component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3999
RESERVED
CVE-2008-3998 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3997
RESERVED
CVE-2008-3996 (Unspecified vulnerability in the Change Data Capture component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3995 (Unspecified vulnerability in the Change Data Capture component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3994 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3993 (Unspecified vulnerability in the Oracle Applications Framework ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3992 (Unspecified vulnerability in the Oracle Data Mining component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3991 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3990 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3989 (Unspecified vulnerability in the Oracle Data Mining component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3988 (Unspecified vulnerability in the iSupplier Portal component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3987 (Unspecified vulnerability in the Oracle Discoverer Desktop component ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3986 (Unspecified vulnerability in the Oracle Discoverer Administrator ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3985 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3984 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3983 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3982 (Unspecified vulnerability in the Workspace Manager component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3981
RESERVED
CVE-2008-3980 (Unspecified vulnerability in the Upgrade component in Oracle Database ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3979
RESERVED
CVE-2008-3978
RESERVED
CVE-2008-3977 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3976 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3975 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-3974
RESERVED
CVE-2008-3973
@@ -2669,23 +2669,23 @@
CVE-2008-3480 (Stack-based buffer overflow in the Anzio Web Print Object (WePO) ...)
NOT-FOR-US: Anzio Web Print Object
CVE-2008-3479 (The Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-3478
RESERVED
CVE-2008-3477 (Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel
CVE-2008-3476 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3475 (Microsoft Internet Explorer 6 does not properly handle errors ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3474 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3473 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3472 (Microsoft Internet Explorer 6 and 7 does not properly determine the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3471 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3470
RESERVED
CVE-2008-3469
@@ -2695,11 +2695,11 @@
CVE-2008-3467
RESERVED
CVE-2008-3466 (Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3465
RESERVED
CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-3463
RESERVED
CVE-2008-3462
@@ -4672,9 +4672,9 @@
CVE-2008-2626 (SQL injection vulnerability in comment.asp in Battle Blog 1.25 and ...)
NOT-FOR-US: Battle Blog
CVE-2008-2625 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-2624 (Unspecified vulnerability in the Oracle OLAP component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-2623
RESERVED
CVE-2008-2622 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
@@ -4684,7 +4684,7 @@
CVE-2008-2620 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2008-2619 (Unspecified vulnerability in the Oracle Reports Developer component in ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-2618 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
NOT-FOR-US: Oracle PeopleSoft Enterprise
CVE-2008-2617 (Unspecified vulnerability in the PeopleSoft PeopleTools component in ...)
@@ -4746,7 +4746,7 @@
CVE-2008-2589 (Unspecified vulnerability in the Oracle Portal component in Oracle ...)
NOT-FOR-US: Oracle database
CVE-2008-2588 (Unspecified vulnerability in the Oracle JDeveloper component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2008-2587 (Unspecified vulnerability in the Advanced Replication component in ...)
NOT-FOR-US: Oracle database
CVE-2008-2586 (Unspecified vulnerability in the Oracle Application Object Library ...)
@@ -5465,11 +5465,11 @@
CVE-2008-2253 (Unspecified vulnerability in Microsoft Windows Media Player 11 allows ...)
NOT-FOR-US: Microsoft Windows Media Player
CVE-2008-2252 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-2251 (Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-2250 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-2249
RESERVED
CVE-2008-2248 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) ...)
@@ -7362,7 +7362,7 @@
NOTE: already use source port randomization.
NOTE: Marking non-caching stub resolvers as low since these really should be fixed, but are much less vulnerable than a caching server.
CVE-2008-1446 (Integer overflow in the Internet Printing Protocol (IPP) ISAPI ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP Professional ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-1444 (Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on ...)
More information about the Secure-testing-commits
mailing list