[Secure-testing-commits] r14498 - data/CVE

Pedro Ribeiro pedrib-guest at alioth.debian.org
Fri Apr 16 00:29:57 UTC 2010 

Author: pedrib-guest
Date: 2010-04-16 00:29:57 +0000 (Fri, 16 Apr 2010)
New Revision: 14498

Modified:
   data/CVE/list
Log:
several NFUs, cleaned up some solved moin issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-15 21:29:17 UTC (rev 14497)
+++ data/CVE/list	2010-04-16 00:29:57 UTC (rev 14498)
@@ -121,7 +121,7 @@
 CVE-2010-1317
 	RESERVED
 CVE-2010-1316 (Multiple stack-based buffer overflows in Tembria Server Monitor before ...)
-	TODO: check
+	NOT-FOR-US: Tembria Server Monitor
 CVE-2010-1315 (Directory traversal vulnerability in weberpcustomer.php in the ...)
 	NOT-FOR-US: Joomla!
 CVE-2010-1314 (Directory traversal vulnerability in the Highslide JS (com_hsconfig) ...)
@@ -306,13 +306,15 @@
 CVE-2010-1242 (Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web ...)
 	NOT-FOR-US: IBM Web Interface for Content Management
 CVE-2010-1241 (Heap-based buffer overflow in the custom heap management system in ...)
-	TODO: check
+	NOT-FOR-US: Acrobat Reader
 CVE-2010-1240 (Adobe Reader 9.3.1 on Windows does not restrict the contents of one ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2010-1239 (Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2010-1238 (MoinMoin 1.7.1 allows remote attackers to bypass the textcha ...)
-	TODO: check
+	- moin 1.9.2-3 (bug #575995; medium)
+	[lenny] - moin 1.7.1-3+lenny4 (bug #575995; medium)
+	NOTE: see http://www.debian.org/security/2010/dsa-2024
 CVE-2009-4764 (Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2007-6735 (NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not ...)
@@ -324,31 +326,31 @@
 CVE-2005-4887 (NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 ...)
 	NOT-FOR-US: Novell NetWare
 CVE-2004-2767 (NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1596 (NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1595 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1594 (NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1593 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1592 (Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2003-1591 (NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2002-2434 (NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2002-2433 (NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2002-2432 (Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2001-1587 (NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2000-1246 (NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2000-1245 (Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the ...)
-	TODO: check
+	NOT-FOR-US: Novell NetWare
 CVE-2010-1237 (Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to ...)
 	- webkit 1.1.90-1
 	- kdelibs <undetermined>
@@ -584,19 +586,21 @@
 CVE-2010-1143
 	RESERVED
 CVE-2010-1142 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
-	TODO: check
+   NOT-FOR-US: VMware products
 CVE-2010-1141 (VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; ...)
-	TODO: check
+   NOT-FOR-US: VMware products
 CVE-2010-1140 (The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 ...)
-	TODO: check
+   NOT-FOR-US: VMware products
 CVE-2010-1139 (Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware ...)
-	TODO: check
+   NOT-FOR-US: VMware products
 CVE-2010-1138 (The virtual networking stack in VMware Workstation 7.0 before 7.0.1 ...)
-	TODO: check
+   NOT-FOR-US: VMware products
 CVE-2010-1137 (Cross-site scripting (XSS) vulnerability in WebAccess in VMware ...)
 	NOT-FOR-US: VMware Server
 CVE-2009-4762 (MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...)
-	TODO: check
+	- moin 1.9.2-1 (bug #569975; medium)
+	[lenny] - moin 1.7.1-3+lenny3 (bug #569975; medium)
+	NOTE: see http://www.debian.org/security/2010/dsa-2014
 CVE-2009-4761 (Stack-based buffer overflow in Mini-stream RM Downloader allows remote ...)
 	NOT-FOR-US: Mini-stream RM Downloader
 CVE-2009-4760 (Winn ASP Guestbook 1.01 Beta stores sensitive information under the ...)

More information about the Secure-testing-commits mailing list