[Secure-testing-commits] r15227 - data/CVE
Kees Cook
kees at alioth.debian.org
Sat Aug 28 20:13:56 UTC 2010
Author: kees
Date: 2010-08-28 20:13:55 +0000 (Sat, 28 Aug 2010)
New Revision: 15227
Modified:
data/CVE/list
Log:
NFUs: 87
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-08-28 13:45:39 UTC (rev 15226)
+++ data/CVE/list 2010-08-28 20:13:55 UTC (rev 15227)
@@ -1,3 +1,103 @@
+CVE-2010-3155
+ NOT-FOR-US: Adobe ExtendedScript Toolkit
+CVE-2010-3154
+ NOT-FOR-US: Adobe Extension Manager
+CVE-2010-3153
+ NOT-FOR-US: Adobe InDesign
+CVE-2010-3152
+ NOT-FOR-US: Adobe Illustrator
+CVE-2010-3151
+ NOT-FOR-US: Adobe On Location
+CVE-2010-3150
+ NOT-FOR-US: Adobe Premier Pro
+CVE-2010-3149
+ NOT-FOR-US: Adobe Device Central
+CVE-2010-3148
+ NOT-FOR-US: Microsoft Visio
+CVE-2010-3147
+ NOT-FOR-US: Microsoft Address Book
+CVE-2010-3146
+ NOT-FOR-US: Microsoft Office Groove
+CVE-2010-3145
+ NOT-FOR-US: Microsoft Vista BitLocker
+CVE-2010-3144
+ NOT-FOR-US: Microsoft Internet Connection Signup Wizard
+CVE-2010-3143
+ NOT-FOR-US: Microsoft Windows Contacts
+CVE-2010-3142
+ NOT-FOR-US: Microsoft Office PowerPoint
+CVE-2010-3141
+ NOT-FOR-US: Microsoft Power Point
+CVE-2010-3140
+ NOT-FOR-US: Microsoft Windows Internet Communication Settings
+CVE-2010-3139
+ NOT-FOR-US: Microsoft Windows Progman Group Converter
+CVE-2010-3138
+ NOT-FOR-US: Microsoft Windows Media Player
+CVE-2010-3137
+ NOT-FOR-US: Nullsoft Winamp
+CVE-2010-3136
+ NOT-FOR-US: Skype
+CVE-2010-3135
+ NOT-FOR-US: Cisco Packet Tracer
+CVE-2010-3134
+ NOT-FOR-US: Google Earth
+CVE-2010-3132
+ NOT-FOR-US: Adobe Dreamweaver
+CVE-2010-3130
+ NOT-FOR-US: TechSmith Snagit
+CVE-2010-3129
+ NOT-FOR-US: uTorrent
+CVE-2010-3128
+ NOT-FOR-US: TeamViewer
+CVE-2010-3127
+ NOT-FOR-US: Adobe PhotoShop
+CVE-2010-3126
+ NOT-FOR-US: avast! Free Antivirus version
+CVE-2010-3125
+ NOT-FOR-US: TeamMate Audit Management Software Suite
+CVE-2010-3122
+ NOT-FOR-US: DevonIT thin-client management tool
+CVE-2010-3121
+ NOT-FOR-US: DevonIT thin-client management tool
+CVE-2009-4995
+ NOT-FOR-US: SmarterTools SmarterTrack
+CVE-2009-4994
+ NOT-FOR-US: SmarterTools SmarterTrack
+CVE-2009-4993
+ NOT-FOR-US: LM Starmail Paidmail
+CVE-2009-4992
+ NOT-FOR-US: LM Starmail Paidmail
+CVE-2009-4991
+ NOT-FOR-US: Omnistar Recruiting
+CVE-2009-4990
+ NOT-FOR-US: Webform report module for Drupal
+CVE-2009-4989
+ NOT-FOR-US: AJ Auction Pro OOPD
+CVE-2009-4988
+ NOT-FOR-US: SAP Business One
+CVE-2009-4987
+ NOT-FOR-US: Scripteen Free Image Hosting Script
+CVE-2009-4986
+ NOT-FOR-US: In-Portal
+CVE-2009-4985
+ NOT-FOR-US: Accessories Me PHP Affiliate Script
+CVE-2009-4984
+ NOT-FOR-US: Accessories Me PHP Affiliate Script
+CVE-2009-4983
+ NOT-FOR-US: Silurus Classifieds
+CVE-2009-4982
+ NOT-FOR-US: Irokez CMS
+CVE-2009-4981
+ NOT-FOR-US: Photokorn Gallery
+CVE-2009-4980
+ NOT-FOR-US: Photokorn Gallery
+CVE-2009-4979
+ NOT-FOR-US: Photokorn Gallery
+CVE-2009-4978
+ NOT-FOR-US: MyBackup
+CVE-2009-4977
+ NOT-FOR-US: MyBackup
CVE-2010-3124 [DLL issue and VLC]
- vlc <not-affected> (Windows specific vulnerability)
CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
@@ -566,45 +666,45 @@
CVE-2010-2883
RESERVED
CVE-2010-2882
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2881
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2880
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2879
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2878
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2877
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2876
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2875
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2874
RESERVED
CVE-2010-2873
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2872
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2871
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2870
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2869
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2868
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2867
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2866
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2865
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2864
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2863
- RESERVED
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-2862 (Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and ...)
NOT-FOR-US: Adobe Reader
CVE-2010-2861 (Multiple directory traversal vulnerabilities in the administrator ...)
@@ -688,13 +788,13 @@
CVE-2010-2841
RESERVED
CVE-2010-2840
- RESERVED
+ NOT-FOR-US: Cisco
CVE-2010-2839
- RESERVED
+ NOT-FOR-US: Cisco
CVE-2010-2838
- RESERVED
+ NOT-FOR-US: Cisco
CVE-2010-2837
- RESERVED
+ NOT-FOR-US: Cisco
CVE-2010-2836
RESERVED
CVE-2010-2835
@@ -785,9 +885,9 @@
CVE-2010-2797
RESERVED
CVE-2010-2796 (Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when ...)
- TODO: check
+ NOT-FOR-US: phpCAS
CVE-2010-2795 (phpCAS before 1.1.2 allows remote authenticated users to hijack ...)
- TODO: check
+ NOT-FOR-US: phpCAS
CVE-2010-2794
RESERVED
CVE-2010-2793
@@ -1033,7 +1133,7 @@
CVE-2010-2712
RESERVED
CVE-2010-2711
- RESERVED
+ NOT-FOR-US: HP MagCloud app
CVE-2010-2710 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
NOT-FOR-US: HP OpenView
CVE-2010-2709 (Stack-based buffer overflow in webappmon.exe in HP OpenView Network ...)
@@ -1878,11 +1978,11 @@
CVE-2010-2363
RESERVED
CVE-2010-2362
- RESERVED
+ NOT-FOR-US: Winny
CVE-2010-2361
- RESERVED
+ NOT-FOR-US: Winny
CVE-2010-2360
- RESERVED
+ NOT-FOR-US: Winny
CVE-2010-2359 (SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com ...)
NOT-FOR-US: eWebquiz
CVE-2010-2358 (PHP remote file inclusion vulnerability in ...)
@@ -2224,7 +2324,7 @@
- libvirt 0.8.3-1 (low)
[lenny] - libvirt <no-dsa> (Minor issue)
CVE-2010-2241 (The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red ...)
- TODO: check
+ NOT-FOR-US: Red Hat Directory Server
CVE-2010-2240 [mm: keep a guard page below a grow-down stack segment]
RESERVED
{DSA-2094-1}
@@ -2631,7 +2731,7 @@
CVE-2010-2077
REJECTED
CVE-2010-2076 (Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before ...)
- TODO: check
+ NOT-FOR-US: Apache CXF
CVE-2010-2075 (UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from ...)
- unrealircd <itp> (bug #515130)
CVE-2010-2074 (istream.c in w3m 0.5.2 and possibly other versions, when ...)
@@ -3312,7 +3412,7 @@
CVE-2010-1809
RESERVED
CVE-2010-1808
- RESERVED
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1807
RESERVED
CVE-2010-1806
@@ -3324,11 +3424,11 @@
CVE-2010-1803
RESERVED
CVE-2010-1802
- RESERVED
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1801
- RESERVED
+ NOT-FOR-US: CoreGraphics
CVE-2010-1800
- RESERVED
+ NOT-FOR-US: CFNetwork
CVE-2010-1799 (Stack-based buffer overflow in the error-logging functionality in ...)
NOT-FOR-US: Apple QuickTime on Windows
CVE-2010-1798
@@ -8426,7 +8526,7 @@
CVE-2010-0135 (Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), ...)
NOT-FOR-US: WordPerfect reader on Windows
CVE-2010-0134 (Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and ...)
- TODO: check
+ NOT-FOR-US: Autonomy KeyView
CVE-2010-0133 (Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 ...)
NOT-FOR-US: SpreadSheet Lotus 123 reader
CVE-2010-0132 (Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 ...)
@@ -8442,7 +8542,7 @@
CVE-2010-0127 (Adobe Shockwave Player before 11.5.7.609 allows remote attackers to ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
- TODO: check
+ NOT-FOR-US: Autonomy KeyView
CVE-2010-0125
RESERVED
CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
More information about the Secure-testing-commits
mailing list