[Secure-testing-commits] r13796 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Wed Jan 13 05:13:20 UTC 2010
Author: geissert
Date: 2010-01-13 05:13:13 +0000 (Wed, 13 Jan 2010)
New Revision: 13796
Modified:
data/CVE/list
Log:
new acidbase and pidgin issues, mediawiki CVEified, NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-13 04:46:35 UTC (rev 13795)
+++ data/CVE/list 2010-01-13 05:13:13 UTC (rev 13796)
@@ -1,11 +1,12 @@
CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and ...)
+ - pidgin <unfixed>
TODO: check
CVE-2010-0276 (IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2010-0275 (Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2010-0274 (Unspecified vulnerability in the Edit Contact scene in Ultra-light ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2010-0273 (Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 ...)
TODO: check
CVE-2010-0272 (Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 ...)
@@ -95,43 +96,45 @@
CVE-2010-0230
RESERVED
CVE-2010-0229 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
- TODO: check
+ NOT-FOR-US: Verbatim Corporate Secure
CVE-2010-0228 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
- TODO: check
+ NOT-FOR-US: Verbatim Corporate Secure
CVE-2010-0227 (Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash ...)
- TODO: check
+ NOT-FOR-US: Verbatim Corporate Secure
CVE-2010-0226 (SanDisk Cruzer Enterprise USB flash drives do not prevent password ...)
- TODO: check
+ NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
CVE-2010-0225 (SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for ...)
- TODO: check
+ NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
CVE-2010-0224 (SanDisk Cruzer Enterprise USB flash drives validate passwords with a ...)
- TODO: check
+ NOT-FOR-US: SanDisk Cruzer Enterprise USB flash drives
CVE-2010-0223 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
- TODO: check
+ NOT-FOR-US: Kingston USB flash drives
CVE-2010-0222 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
- TODO: check
+ NOT-FOR-US: Kingston USB flash drives
CVE-2010-0221 (Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy ...)
- TODO: check
+ NOT-FOR-US: Kingston USB flash drives
CVE-2010-0220 (The nsObserverList::FillObserverArray function in ...)
TODO: check
CVE-2009-4594 (Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus iNotes
CVE-2009-4593 (The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not ...)
- TODO: check
+ NOT-FOR-US: Bftpd
CVE-2009-4592 (Unspecified vulnerability in base_local_rules.php in Basic Analysis ...)
+ - acidbase 1.4.4-1
TODO: check
CVE-2009-4591 (SQL injection vulnerability in Basic Analysis and Security Engine ...)
+ - acidbase 1.4.4-1
TODO: check
CVE-2009-4590 (Cross-site scripting (XSS) vulnerability in base_local_rules.php in ...)
+ - acidbase 1.4.4-1
TODO: check
-CVE-2009-4589 (Cross-site scripting (XSS) vulnerability in the Special:Block ...)
- TODO: check
CVE-2009-4588 (Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control ...)
- TODO: check
+ NOT-FOR-US: AwingSoft Awakening
CVE-2009-4587 (Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of ...)
TODO: check
+ NOTE: looks like a windows-specific issue
CVE-2009-4586 (Multiple cross-site scripting (XSS) vulnerabilities in index.html in ...)
- TODO: check
+ NOT-FOR-US: Wowd client
CVE-2010-0219
RESERVED
CVE-2010-0218
@@ -7075,7 +7078,7 @@
- movabletype-opensource 4.2.6.1-1 (low; bug #537935)
[lenny] - movabletype-opensource <no-dsa> (Minor information disclosure)
TODO: next point update: [lenny] - movabletype-opensource 4.2.3-1+lenny1
-CVE-2009-XXXX [mediawiki: XSS via specialblock]
+CVE-2009-4589 [mediawiki: XSS via specialblock]
- mediawiki 1:1.15.0-1.1 (low; bug #537634)
- mediawiki1.7 <removed>
[etch] - mediawiki <not-affected> (metapackage)
More information about the Secure-testing-commits
mailing list