[Secure-testing-commits] r15717 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Sat Dec 18 23:22:59 UTC 2010
Author: federico-guest
Date: 2010-12-18 23:22:58 +0000 (Sat, 18 Dec 2010)
New Revision: 15717
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-12-18 11:39:03 UTC (rev 15716)
+++ data/CVE/list 2010-12-18 23:22:58 UTC (rev 15717)
@@ -5,35 +5,35 @@
CVE-2010-4554
RESERVED
CVE-2010-4553 (An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4552 (Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4551 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4550 (IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4549 (IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4548 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4547 (IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4546 (IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4545 (IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-4544 (Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5036 (traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5035 (The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5034 (IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5033 (IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2010-XXXX [TYPO3-SA-2010-022]
- typo3-src 4.3.9+dfsg1-1
CVE-2011-0045
@@ -140,7 +140,7 @@
CVE-2010-4516 (Multiple cross-site scripting (XSS) vulnerabilities in the JXtended ...)
TODO: check
CVE-2010-4515 (Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, ...)
- TODO: check
+ NOT-FOR-US: Citrix Web Interface
CVE-2010-4514 (Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx ...)
TODO: check
CVE-2010-4513 (Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS ...)
@@ -525,23 +525,23 @@
CVE-2010-4384 (Array index error in RealNetworks RealPlayer 11.0 through 11.1, ...)
TODO: check
CVE-2010-4383 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4382 (Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4381 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4380 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4379 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4378 (The drv2.dll (aka RV20 decompression) module in RealNetworks ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4377 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4376 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4375 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-4374 (The in_mkv plugin in Winamp before 5.6 allows remote attackers to ...)
NOT-FOR-US: Winamp
CVE-2010-4373 (The in_mp4 plugin in Winamp before 5.6 allows remote attackers to ...)
@@ -1214,9 +1214,9 @@
CVE-2010-4110
RESERVED
CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
NOT-FOR-US: HP LaserJet
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
@@ -1565,67 +1565,67 @@
CVE-2010-3968
RESERVED
CVE-2010-3967 (Untrusted search path vulnerability in Microsoft Windows Movie Maker ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3966 (Untrusted search path vulnerability in Microsoft Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3965 (Untrusted search path vulnerability in Windows Media Encoder 9 on ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3964 (Unrestricted file upload vulnerability in the Document Conversions ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office SharePoint Server
CVE-2010-3963 (Buffer overflow in the Routing and Remote Access NDProxy component in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3961 (The Consent User Interface (UI) in Microsoft Windows Vista SP1 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3960 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3959 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3958
RESERVED
CVE-2010-3957 (Double free vulnerability in the OpenType Font (OTF) driver in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3956 (The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
- TODO: check
+ NOT-FOR-US: Microsoft Publisher
CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Publisher
CVE-2010-3953
RESERVED
CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3948
RESERVED
CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3944 (win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3943 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3942 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3941 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3940 (Double free vulnerability in win32k.sys in the kernel-mode drivers in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3939 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3938
RESERVED
CVE-2010-3937 (Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Exchange Server
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
NOT-FOR-US: Forefront Unified Access Gateway
CVE-2010-3935
@@ -3254,27 +3254,27 @@
CVE-2010-3349 (Ardour 2.8.11 places a zero-length directory name in the ...)
- ardour 1:2.8.11-2 (low; bug #598282)
CVE-2010-3348 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3347
RESERVED
CVE-2010-3346 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3344
RESERVED
CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3341
RESERVED
CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3339
RESERVED
CVE-2010-3338 (The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
NOT-FOR-US: Microsoft Office 2007 SP2
CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
@@ -4202,11 +4202,11 @@
CVE-2010-3000 (Multiple integer overflows in the ParseKnownType function in ...)
NOT-FOR-US: RealPlayer
CVE-2010-2999 (Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-2998 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 and ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2010-2997 (Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-2996 (Array index error in RealNetworks RealPlayer 11.0 through 11.1 on ...)
NOT-FOR-US: RealPlayer
CVE-2010-2991 (The IICAClient interface in the ICAClient library in the ICA Client ...)
@@ -4966,7 +4966,7 @@
CVE-2010-2743
RESERVED
CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
@@ -5353,7 +5353,7 @@
CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not ...)
NOT-FOR-US: MailEnable
CVE-2010-2579 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: RealNetworks RealPlayer
CVE-2010-2577 (Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow ...)
@@ -5382,11 +5382,11 @@
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
NOT-FOR-US: Microsoft PowerPoint
CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Publisher
CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter ...)
- TODO: check
+ NOT-FOR-US: Microsoft Publisher
CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher ...)
- TODO: check
+ NOT-FOR-US: Microsoft Publisher
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: Microsoft
CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...)
@@ -11299,7 +11299,7 @@
CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of ...)
NOT-FOR-US: Apple iTunes
CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the ...)
- TODO: check
+ NOT-FOR-US: QuickTime
CVE-2010-0529 (Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before ...)
NOT-FOR-US: Apple QuickTime
CVE-2010-0528 (Apple QuickTime before 7.6.6 on Windows allows remote attackers to ...)
@@ -12565,7 +12565,7 @@
CVE-2010-0126 (Heap-based buffer overflow in an unspecified library in Autonomy ...)
NOT-FOR-US: Autonomy KeyView
CVE-2010-0125 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-0124 (Employee Timeclock Software 0.99 places the database password on the ...)
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0123 (The database backup implementation in Employee Timeclock Software 0.99 ...)
@@ -12573,7 +12573,7 @@
CVE-2010-0122 (Multiple SQL injection vulnerabilities in Employee Timeclock Software ...)
NOT-FOR-US: Employee Timeclock Software
CVE-2010-0121 (The cook codec in RealNetworks RealPlayer 11.0 through 11.1, ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2010-0120 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through ...)
NOT-FOR-US: RealPlayer
CVE-2010-0119 (Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, ...)
More information about the Secure-testing-commits
mailing list