[Secure-testing-commits] r14839 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Jun 9 21:30:55 UTC 2010
Author: jmm-guest
Date: 2010-06-09 21:30:55 +0000 (Wed, 09 Jun 2010)
New Revision: 14839
Modified:
data/CVE/list
Log:
- another rpm CVE ID
- microsoft patch day
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-09 21:26:56 UTC (rev 14838)
+++ data/CVE/list 2010-06-09 21:30:55 UTC (rev 14839)
@@ -385,7 +385,8 @@
NOTE: Package description reads: "Beanstalkd is meant to be ran in a trusted network,
NOTE: "as it has no authorisation/authentication mechanisms". So this is likely a non-issue
CVE-2010-2059 (lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and ...)
- TODO: check
+ - rpm <unfixed> (bug #584257; unimportant)
+ NOTE: Marking as unimportant since rpm isn't used as a package manager
CVE-2010-2058 (setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable ...)
- prewikka <unfixed> (bug #584469)
CVE-2010-2057
@@ -758,9 +759,9 @@
CVE-2010-1881
RESERVED
CVE-2010-1880 (Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1879 (Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...)
NOT-FOR-US: com_orgchart component for joomla!
CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...)
@@ -2309,7 +2310,7 @@
CVE-2010-1298 (Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 ...)
NOT-FOR-US: Pulse CMS
CVE-2010-1297 (Unspecified vulnerability in Adobe Flash Player 9.0.x through 9.0.262 ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash
CVE-2010-1296 (Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow ...)
NOT-FOR-US: Adobe Photoshop CS4
CVE-2010-1295
@@ -2378,45 +2379,45 @@
CVE-2010-1265 (SQL injection vulnerability in Adam Corley dcsFlashGames ...)
NOT-FOR-US: dcsFlashGames
CVE-2010-1264 (Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1263 (Unspecified vulnerability in Microsoft Office XP SP3, Office 2003 SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1262 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1261 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1260 (The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1259 (Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1258
RESERVED
CVE-2010-1257 (Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1256 (Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1255 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1253 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2007 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1250 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1249 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1248 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1246 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-XXXX [tcpdf code execution via tcpdf tag]
- moodle <not-affected> (Vulnerable code not present)
- phpmyadmin <not-affected> (Vulnerable code not present)
@@ -3773,17 +3774,17 @@
CVE-2010-XXXX [linux-ftpd: null ptr dereference]
- linux-ftpd <not-affected> (Performs proper length checks, see #572813)
CVE-2010-0824 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0822 (Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0820
RESERVED
CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0818
RESERVED
CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
@@ -3799,7 +3800,7 @@
CVE-2010-0812 (Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0811 (Unspecified vulnerability in the Microsoft Internet Explorer 8 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0810 (The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0809
@@ -4702,9 +4703,9 @@
CVE-2010-0486 (The WinVerifyTrust function in Authenticode Signature Verification ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0485 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0484 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2010-0483 (vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-0482 (The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not ...)
More information about the Secure-testing-commits
mailing list