[Secure-testing-commits] r14687 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Thu May 13 01:51:56 UTC 2010 

Author: gilbert-guest
Date: 2010-05-13 01:51:56 +0000 (Thu, 13 May 2010)
New Revision: 14687

Modified:
   data/CVE/list
Log:
NFUs and new issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-05-12 21:14:23 UTC (rev 14686)
+++ data/CVE/list	2010-05-13 01:51:56 UTC (rev 14687)
@@ -11,23 +11,23 @@
 CVE-2010-1919
 	RESERVED
 CVE-2010-1913 (The default configuration of pluginlicense.ini for the ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1912 (The SdcWebSecureBase interface in tgctlcm.dll in Consona Live ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1911 (The site-locking implementation in the SdcWebSecureBase interface in ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1910 (The Forgot Password implementation in Consona Live Assistance, Dynamic ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1909 (Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1908 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1907 (The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live ...)
-	TODO: check
+	NOT-FOR-US: ConsonA
 CVE-2010-1906 (tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1905 (Multiple cross-site scripting (XSS) vulnerabilities in Consona Live ...)
-	TODO: check
+	NOT-FOR-US: Consona
 CVE-2010-1904
 	RESERVED
 CVE-2010-1903
@@ -81,19 +81,19 @@
 CVE-2010-1879
 	RESERVED
 CVE-2010-1878 (Directory traversal vulnerability in the OrgChart (com_orgchart) ...)
-	TODO: check
+	NOT-FOR-US: com_orgchart component for joomla!
 CVE-2010-1877 (SQL injection vulnerability in the JTM Reseller (com_jtm) component ...)
-	TODO: check
+	NOT-FOR-US: com_jtm component for joomla!
 CVE-2010-1876 (SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 ...)
-	TODO: check
+	NOT-FOR-US: AJ Shopping Cart
 CVE-2010-1875 (Directory traversal vulnerability in the Real Estate Property ...)
-	TODO: check
+	NOT-FOR-US: com_properties component for joomla!
 CVE-2010-1874 (SQL injection vulnerability in the Real Estate Property ...)
-	TODO: check
+	NOT-FOR-US: com_properties component for joomla!
 CVE-2010-1873 (SQL injection vulnerability in the Jvehicles (com_jvehicles) component ...)
-	TODO: check
+	NOT-FOR-US: com_jvehicles component for joomla!
 CVE-2010-1872 (Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard ...)
-	TODO: check
+	NOT-FOR-US: FlashCard
 CVE-2010-1918 (SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and ...)
 	NOT-FOR-US: EFront ask_chat
 CVE-2010-1917 (Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 ...)
@@ -705,7 +705,7 @@
 CVE-2010-1621
 	RESERVED
 CVE-2010-1620 (Integer overflow in the load_iface function in Tools/gdomap.c in ...)
-	TODO: check
+	- gnustep-base <unfixed>
 CVE-2010-1612 (The IBM WebSphere DataPower XML Accelerator XA35, Low Latency ...)
 	NOT-FOR-US: IBM WebSphere DataPower XML Accelerator
 CVE-2010-1611 (Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 ...)
@@ -1146,7 +1146,7 @@
 CVE-2010-1482
 	RESERVED
 CVE-2010-1481 (Cross-site scripting (XSS) vulnerability in the table feature in ...)
-	TODO: check
+	NOT-FOR-US: PmWiki
 CVE-2010-1480 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
 	NOT-FOR-US: component for Joomla!
 CVE-2010-1479 (SQL injection vulnerability in the RokModule (com_rokmodule) component ...)
@@ -3044,9 +3044,9 @@
 CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
 	NOT-FOR-US: Microsoft SharePoint Server
 CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Outlook Express, Windows Live Mail, and Windows Mail
 CVE-2010-0815 (VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Office
 CVE-2010-0814
 	RESERVED
 CVE-2010-0813
@@ -3254,7 +3254,7 @@
 	- gnutls26 <not-affected> (Fixed before initial release)
 	- gnutls13 1.2.1-1
 CVE-2010-0730 (The MMIO instruction decoder in the Xen hypervisor in the Linux kernel ...)
-	TODO: check
+	- linux-2.6 <not-affected> (redhat-specific issue in the 2.6.18 xen kernel)
 CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...)
 	- linux-2.6 <not-affected> (vulnerability in redhat-specific patch)
 CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is ...)

More information about the Secure-testing-commits mailing list