[Secure-testing-commits] r12779 - data/CVE
Kees Cook
kees at alioth.debian.org
Thu Sep 10 05:35:58 UTC 2009
Author: kees
Date: 2009-09-10 05:35:54 +0000 (Thu, 10 Sep 2009)
New Revision: 12779
Modified:
data/CVE/list
Log:
NFUs: 30, fixed: nasm
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-10 04:01:08 UTC (rev 12778)
+++ data/CVE/list 2009-09-10 05:35:54 UTC (rev 12779)
@@ -1,51 +1,51 @@
CVE-2009-3110 (Race condition in the file transfer functionality in Symantec Altiris ...)
- TODO: check
+ NOT-FOR-US: Symantec Altiris Deployment Solution
CVE-2009-3109 (Unspecified vulnerability in the AClient agent in Symantec Altiris ...)
- TODO: check
+ NOT-FOR-US: Symantec Altiris Deployment Solution
CVE-2009-3108 (The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before ...)
- TODO: check
+ NOT-FOR-US: Symantec Altiris Deployment Solution
CVE-2009-3107 (Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 ...)
- TODO: check
+ NOT-FOR-US: Symantec Altiris Deployment Solution
CVE-2009-3106 (The Servlet Engine/Web Container component in IBM WebSphere ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-3105 (Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2009-3104 (Unspecified vulnerability in Symantec Norton AntiVirus 2005 through ...)
- TODO: check
+ NOT-FOR-US: Symantec Norton AntiVirus
CVE-2009-3103 (Array index error in the SMB2 protocol implementation in srv2.sys in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2009-3102 (The doHotCopy subroutine in socket-server.pl in Zmanda Recovery ...)
- TODO: check
+ NOT-FOR-US: Zmanda Recovery Manager
CVE-2009-3101 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and ...)
TODO: check
CVE-2009-3100 (xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, ...)
TODO: check
CVE-2009-3099 (Unspecified vulnerability in HP OpenView Operations Manager 8.1 on ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Operations Manager
CVE-2009-3098 (Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 ...)
- TODO: check
+ NOT-FOR-US: HP Operations Dashboard
CVE-2009-3097 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on ...)
TODO: check
CVE-2009-3096 (Multiple unspecified vulnerabilities in HP Performance Insight 5.3 ...)
- TODO: check
+ NOT-FOR-US: HP Performance Insight
CVE-2009-3095 (The mod_proxy_ftp module in the Apache HTTP Server allows remote ...)
TODO: check
CVE-2009-3094 (The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the ...)
TODO: check
CVE-2009-3093 (Unspecified vulnerability on the ASUS WL-500W wireless router has ...)
- TODO: check
+ NOT-FOR-US: ASUS WL-500W
CVE-2009-3092 (Buffer overflow on the ASUS WL-500W wireless router has unknown impact ...)
- TODO: check
+ NOT-FOR-US: ASUS WL-500W
CVE-2009-3091 (Unspecified vulnerability on the ASUS WL-330gE has unknown impact and ...)
- TODO: check
+ NOT-FOR-US: ASUS WL-330gE
CVE-2009-3090 (Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Directory Server
CVE-2009-3089 (IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Directory Server
CVE-2009-3088 (Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server ...)
TODO: check
CVE-2009-3087 (Unspecified vulnerability in nserver.exe in the server in IBM Lotus ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2009-3086 (A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x ...)
TODO: check
CVE-2009-3085 (The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ...)
@@ -57,9 +57,9 @@
CVE-2008-7185 (GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2008-7184 (Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet ...)
- TODO: check
+ NOT-FOR-US: Diigo Toolbar and Diigolet
CVE-2008-7183 (PHP remote file inclusion vulnerability in eva/index.php in EVA CMS ...)
- TODO: check
+ NOT-FOR-US: EVA CMS
CVE-2009-XXXX [viewvc: XSS and illegal characters while printing name-value pairs]
- viewvc <unfixed> (low; bug #545779)
NOTE: CVE id has been requested
@@ -102,7 +102,7 @@
CVE-2008-7178 (Directory traversal vulnerability in Uploader module 1.1 for XOOPS ...)
NOT-FOR-US: XOOPS
CVE-2008-7177 (Buffer overflow in the listing module in Netwide Assembler (NASM) ...)
- NOT-FOR-US: Netwide Assembler
+ - nasm 2.03.01-1 (low)
CVE-2008-7176 (Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow ...)
NOT-FOR-US: Facil CMS
CVE-2008-7175 (Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in ...)
@@ -1858,7 +1858,7 @@
CVE-2009-2629
RESERVED
CVE-2009-2628 (The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 ...)
- TODO: check
+ NOT-FOR-US: VMware Movie Decoder
CVE-2009-2627 (Insecure method vulnerability in the Acer LunchApp (aka ...)
NOT-FOR-US: Acer LunchApp
CVE-2009-2626
@@ -2132,7 +2132,7 @@
CVE-2009-2520
RESERVED
CVE-2009-2519 (The DHTML Editing Component ActiveX control in Microsoft Windows 2000 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2009-2518
RESERVED
CVE-2009-2517
@@ -2172,9 +2172,9 @@
CVE-2009-2500
RESERVED
CVE-2009-2499 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Media Format Runtime
CVE-2009-2498 (Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Media Format Runtime
CVE-2009-2497
RESERVED
CVE-2009-2496 (Heap-based buffer overflow in the Office Web Components ActiveX ...)
@@ -3712,9 +3712,9 @@
CVE-2009-1927
RESERVED
CVE-2009-1926 (Microsoft Windows 2000 SP4, Server 2003 SP2, Vista Gold, SP1, and SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2009-1925 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Vista Gold
CVE-2009-1924 (Integer overflow in the Windows Internet Name Service (WINS) component ...)
NOT-FOR-US: Microsoft Windows
CVE-2009-1923 (Heap-based buffer overflow in the Windows Internet Name Service (WINS) ...)
@@ -3724,7 +3724,7 @@
CVE-2009-1921
RESERVED
CVE-2009-1920 (The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2009-1919 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-1918 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 ...)
@@ -6380,7 +6380,7 @@
CVE-2009-1133 (Heap-based buffer overflow in Microsoft Remote Desktop Connection ...)
NOT-FOR-US: Microsoft
CVE-2009-1132 (Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Vista Gold
CVE-2009-1131 (Multiple stack-based buffer overflows in Microsoft Office PowerPoint ...)
NOT-FOR-US: Microsoft
CVE-2009-1130 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and ...)
@@ -8506,7 +8506,7 @@
CVE-2009-0628 (Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 ...)
NOT-FOR-US: Cisco IOS
CVE-2009-0627 (Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when ...)
- TODO: check
+ NOT-FOR-US: Cisco NX-OS
CVE-2009-0626 (The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote ...)
NOT-FOR-US: Cisco IOS
CVE-2009-0625 (Unspecified vulnerability in Cisco ACE Application Control Engine ...)
@@ -10069,7 +10069,7 @@
{DSA-1880-1}
- openoffice.org 1:3.1.1~ooo310m15-1
CVE-2009-0199 (Heap-based buffer overflow in the VMnc media codec in vmnc.dll in ...)
- TODO: check
+ NOT-FOR-US: VMware Movie Decoder
CVE-2009-0198 (Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and ...)
NOT-FOR-US: Adobe Reader
CVE-2009-0197 (Integer overflow in the FORMATS Plugin before 4.23 for IrfanView ...)
More information about the Secure-testing-commits
mailing list