[Secure-testing-commits] r14196 - data/CVE

Kees Cook kees at alioth.debian.org
Sat Mar 6 18:19:18 UTC 2010 

Author: kees
Date: 2010-03-06 18:19:18 +0000 (Sat, 06 Mar 2010)
New Revision: 14196

Modified:
   data/CVE/list
Log:
NFUs: 42

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-06 16:08:54 UTC (rev 14195)
+++ data/CVE/list	2010-03-06 18:19:18 UTC (rev 14196)
@@ -1,3 +1,43 @@
+CVE-2010-0935
+	NOT-FOR-US: Perforce Server
+CVE-2010-0934
+	NOT-FOR-US: Perforce Server
+CVE-2010-0933
+	NOT-FOR-US: Perforce Server
+CVE-2010-0932
+	NOT-FOR-US: Perforce Server
+CVE-2010-0931
+	NOT-FOR-US: Perforce Server
+CVE-2010-0930
+	NOT-FOR-US: Perforce Server
+CVE-2010-0929
+	NOT-FOR-US: Perforce Server
+CVE-2010-0927
+	NOT-FOR-US: IBM Lotus Domino
+CVE-2009-4676
+	NOT-FOR-US: JetCast.exe
+CVE-2009-4675
+	NOT-FOR-US: Mole Group Gastro Portal
+CVE-2009-4674
+	NOT-FOR-US: Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket
+CVE-2009-4673
+	NOT-FOR-US: Mole Group Adult Portal Script
+CVE-2009-4672
+	NOT-FOR-US: WP-Lytebox plugin for WordPress
+CVE-2009-4671
+	NOT-FOR-US: RoomPHPlanning
+CVE-2009-4670
+	NOT-FOR-US: RoomPHPlanning
+CVE-2009-4669
+	NOT-FOR-US: RoomPHPlanning
+CVE-2009-4668
+	NOT-FOR-US: JetCast.exe
+CVE-2009-4667
+	NOT-FOR-US: WebMember
+CVE-2009-4666
+	NOT-FOR-US: Webradev Download Protect
+CVE-2009-4665
+	NOT-FOR-US: Cute Editor
 CVE-2010-0925 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
 	NOT-FOR-US: Apple Safari
 CVE-2010-0924 (cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 ...)
@@ -204,21 +244,21 @@
 CVE-2009-4664 (Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, ...)
 	TODO: check
 CVE-2009-4663 (Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX ...)
-	TODO: check
+	NOT-FOR-US: Quiksoft EasyMail Objects
 CVE-2009-4662 (Cross-site scripting (XSS) vulnerability in the WebAccess component in ...)
-	TODO: check
+	NOT-FOR-US: Novell GroupWise
 CVE-2009-4661 (Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow ...)
-	TODO: check
+	NOT-FOR-US: BigAnt Server
 CVE-2009-4660 (Stack-based buffer overflow in the AntServer Module (AntServer.exe) in ...)
-	TODO: check
+	NOT-FOR-US: BigAnt IM Server
 CVE-2009-4659 (Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows ...)
-	TODO: check
+	NOT-FOR-US: MP3-Cutter Ease Audio Cutter
 CVE-2009-4658 (Xerver 4.32 allows remote authenticated users to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Xerver
 CVE-2009-4657 (The administrator package for Xerver 4.32 does not require ...)
-	TODO: check
+	NOT-FOR-US: Xerver
 CVE-2009-4656 (Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including ...)
-	TODO: check
+	NOT-FOR-US: E-Soft DJ Studio Pro
 CVE-2010-XXXX [openssl power supply fluctuation fault-based key disclosure]
 	- openssl <unfixed> (low)
 	NOTE: http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf
@@ -346,7 +386,7 @@
 CVE-2010-0767
 	RESERVED
 CVE-2010-0766 (Integer overflow in the Swap4 function in valet4.dll in Luxology Modo ...)
-	TODO: check
+	NOT-FOR-US: Luxology Modo
 CVE-2010-0765 (fipsForum 2.6 stores sensitive information under the web root with ...)
 	NOT-FOR-US: fipsForum
 CVE-2010-0764 (SQL injection vulnerability in index.php in KuwaitPHP eSmile allows ...)
@@ -795,17 +835,17 @@
 CVE-2010-0593
 	RESERVED
 CVE-2010-0592
-	RESERVED
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2010-0591
-	RESERVED
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2010-0590
-	RESERVED
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2010-0589
 	RESERVED
 CVE-2010-0588
-	RESERVED
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2010-0587
-	RESERVED
+	NOT-FOR-US: Cisco Unified Communications Manager
 CVE-2010-0586
 	RESERVED
 CVE-2010-0585
@@ -833,13 +873,13 @@
 CVE-2010-0574
 	RESERVED
 CVE-2010-0573
-	RESERVED
+	NOT-FOR-US: Cisco Digital Media Player
 CVE-2010-0572
-	RESERVED
+	NOT-FOR-US: Cisco Digital Media Manager
 CVE-2010-0571
-	RESERVED
+	NOT-FOR-US: Cisco Digital Media Manager
 CVE-2010-0570
-	RESERVED
+	NOT-FOR-US: Cisco Digital Media Manager
 CVE-2010-0569 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
 	NOT-FOR-US: Cisco
 CVE-2010-0568 (Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security ...)
@@ -1109,7 +1149,7 @@
 CVE-2010-0484
 	RESERVED
 CVE-2010-0483 (VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-0482
 	RESERVED
 CVE-2010-0481
@@ -6967,7 +7007,7 @@
 CVE-2009-3033 (Buffer overflow in the RunCmd method in the Altiris eXpress NS Console ...)
 	NOT-FOR-US: ActiveX
 CVE-2009-3032
-	RESERVED
+	NOT-FOR-US: Autonomy KeyView
 CVE-2009-3031 (Stack-based buffer overflow in the BrowseAndSaveFile method in the ...)
 	NOT-FOR-US: Symantec Altiris Notification Server
 CVE-2009-3030 (Cross-site scripting (XSS) vulnerability in Symantec ...)
@@ -8023,9 +8063,9 @@
 CVE-2009-2755
 	RESERVED
 CVE-2009-2754
-	RESERVED
+	NOT-FOR-US: Informix Storage Manager
 CVE-2009-2753
-	RESERVED
+	NOT-FOR-US: Informix Storage Manager
 CVE-2009-2752 (IBM WebSphere Commerce 7.0 does not properly encrypt data in a ...)
 	NOT-FOR-US: IBM WebSphere Commerce
 CVE-2009-2751 (IBM WebSphere Commerce 7.0 uses the same cryptographic key for session ...)

More information about the Secure-testing-commits mailing list