[Secure-testing-commits] r14065 - data/CVE
Kees Cook
kees at alioth.debian.org
Tue Feb 9 16:16:52 UTC 2010
Author: kees
Date: 2010-02-09 16:16:52 +0000 (Tue, 09 Feb 2010)
New Revision: 14065
Modified:
data/CVE/list
Log:
NFUs: 23
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-09 09:14:38 UTC (rev 14064)
+++ data/CVE/list 2010-02-09 16:16:52 UTC (rev 14065)
@@ -1,9 +1,9 @@
CVE-2010-0559 (The default configuration of Oracle OpenSolaris snv_91 through snv_131 ...)
- TODO: check
+ NOT-FOR-US: Oracle OpenSolaris
CVE-2010-0558 (The default configuration of Oracle OpenSolaris snv_77 through snv_131 ...)
- TODO: check
+ NOT-FOR-US: Oracle OpenSolaris
CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified access ...)
- TODO: check
+ NOT-FOR-US: IBM Cognos Express
CVE-2010-0556
RESERVED
CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows remote ...)
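Review bot: CVE-2010-0559 and CVE-2010-0558 are closed on the OS name alone, yet both descriptions concern "The default configuration of Oracle OpenSolaris" and are cut off before the affected component is named. If that component is software Debian also packages, the entry should carry the package name and a status instead of NOT-FOR-US. A NOTE line naming the component under each entry would make the triage decision checkable from the list itself.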
@@ -148,7 +148,7 @@
CVE-2010-0497
RESERVED
CVE-2010-0496 (FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for ...)
- TODO: check
+ NOT-FOR-US: Apple iPhone OS
CVE-2010-0495
RESERVED
CVE-2010-0494
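Review bot: The tag on CVE-2010-0496 names the platform rather than the affected product. The description reads "FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2", so the vulnerable software is FreeBit ServersMan and iPhone OS is only where it runs. Suggest "NOT-FOR-US: FreeBit ServersMan", so that a later search of the list for the product finds this entry and the Apple iPhone OS tag stays reserved for OS issues such as CVE-2010-0038.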
@@ -196,17 +196,17 @@
CVE-2010-0473
RESERVED
CVE-2010-0472 (kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 ...)
- TODO: check
+ NOT-FOR-US: IBM DB2
CVE-2010-0471 (SQL injection vulnerability in the comment submission interface ...)
- TODO: check
+ NOT-FOR-US: Enano CMS
CVE-2010-0470 (Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend ...)
- TODO: check
+ NOT-FOR-US: Comtrend
CVE-2010-0469 (SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, ...)
- TODO: check
+ NOT-FOR-US: Files2Links
CVE-2010-0468 (Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in ...)
- TODO: check
+ NOT-FOR-US: PaperThin CommonSpot Content Server
CVE-2010-0467 (Directory traversal vulnerability in the ccNewsletter ...)
- TODO: check
+ NOT-FOR-US: ccNewsletter component for Joomla!
CVE-2010-XXXX [ocsinventory-server: multiple vulnerabilities]
- ocsinventory-server <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2010/02/01/4
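Review bot: The CVE-2010-0470 tag "NOT-FOR-US: Comtrend" gives only the vendor, while the other entries in this hunk name a product (IBM DB2, Enano CMS, Files2Links, PaperThin CommonSpot Content Server, ccNewsletter component for Joomla!). Suggest adding the product from the full description after the vendor name, so the tag is as specific as its neighbours and a search by product name matches.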
@@ -256,7 +256,7 @@
CVE-2010-0454 (SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in ...)
NOT-FOR-US: Publique! CMS
CVE-2010-0453 (The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2010-0452
RESERVED
CVE-2010-0451
@@ -276,13 +276,13 @@
CVE-2010-0444
RESERVED
CVE-2010-0443 (Unspecified vulnerability in Record Management Services (RMS) before ...)
- TODO: check
+ NOT-FOR-US: HP OpenVMS
CVE-2010-0441 (Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...)
- asterisk 1:1.6.2.2-1
[lenny] - asterisk <not-affected> (Only affects 1.6.x)
[etch] - asterisk <not-affected> (Only affects 1.6.x)
CVE-2010-0440 (Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in ...)
- TODO: check
+ NOT-FOR-US: Cisco Secure Desktop
CVE-2010-0439
RESERVED
CVE-2010-0438 [OTRS SQL injection]
@@ -910,7 +910,7 @@
CVE-2010-0256
RESERVED
CVE-2010-0255 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0254
RESERVED
CVE-2010-0253
@@ -1082,7 +1082,7 @@
CVE-2010-0186
RESERVED
CVE-2010-0185 (The default configuration of Adobe ColdFusion 9.0 does not restrict ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2010-0184 (The (1) domainutility and (2) domainutilitycmd components in TIBCO ...)
NOT-FOR-US: TIBCO Domain Utility in TIBCO Runtime Agent
CVE-2010-0183
@@ -1994,7 +1994,7 @@
CVE-2010-0039
RESERVED
CVE-2010-0038 (Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for ...)
- TODO: check
+ NOT-FOR-US: Apple iPhone OS
CVE-2010-0037 (Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-0036 (Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 ...)
@@ -2458,11 +2458,11 @@
CVE-2009-4186 (Stack consumption vulnerability in Apple Safari 4.0.3 on Windows ...)
NOT-FOR-US: Apple Safari
CVE-2009-4185 (Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in ...)
- TODO: check
+ NOT-FOR-US: HP System Management Homepage
CVE-2009-4184 (Unspecified vulnerability in HP Enterprise Cluster Master Toolkit ...)
- TODO: check
+ NOT-FOR-US: HP Enterprise Cluster Master Toolkit
CVE-2009-4183 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a ...)
NOT-FOR-US: HP Web Jetadmin
CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network ...)
@@ -5992,7 +5992,7 @@
CVE-2009-3036
RESERVED
CVE-2009-3035 (The web console in Symantec Altiris Notification Server 6.0.x before ...)
- TODO: check
+ NOT-FOR-US: Symantec Altiris Notification Server
CVE-2009-3034
RESERVED
CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...)
@@ -7050,11 +7050,11 @@
CVE-2009-2753
RESERVED
CVE-2009-2752 (IBM WebSphere Commerce 7.0 does not properly encrypt data in a ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Commerce
CVE-2009-2751 (IBM WebSphere Commerce 7.0 uses the same cryptographic key for session ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Commerce
CVE-2009-2750 (IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Service Registry and Repository
CVE-2009-2749 (Feature Pack for Communications Enabled Applications (CEA) before ...)
NOT-FOR-US: IBM WebSphere Application Server
CVE-2009-2748