[Secure-testing-commits] r14765 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Fri May 28 21:44:16 UTC 2010
Author: jmm-guest
Date: 2010-05-28 21:44:15 +0000 (Fri, 28 May 2010)
New Revision: 14765
Modified:
data/CVE/list
Log:
new webgui issue
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-28 21:38:10 UTC (rev 14764)
+++ data/CVE/list 2010-05-28 21:44:15 UTC (rev 14765)
@@ -1,9 +1,9 @@
CVE-2010-2104 (Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and ...)
- TODO: check
+ NOT-FOR-US: Orbit Downloader
CVE-2010-2103 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2010-2102 (Buffer overflow in Webby Webserver 1.01 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Webby Webserver
CVE-2010-2101 (The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) ...)
- php5 <unfixed> (unimportant)
NOTE: Only triggerable through malicious script
@@ -30,37 +30,37 @@
CVE-2010-2092 (SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier ...)
TODO: check
CVE-2010-2091 (Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 ...)
- TODO: check
+ NOT-FOR-US: Microsoft OWA
CVE-2010-2090 (The npb_protocol_error function in sna V5router64 in IBM ...)
- TODO: check
+ NOT-FOR-US: IBM Communications Server
CVE-2010-2089 (The audioop module in Python 2.7 and 3.2 does not verify the ...)
TODO: check
CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET
CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: Oracle Mojarra
CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: Apache MyFaces
CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 1.1 has ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET
CVE-2010-2084 (Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property ...)
- TODO: check
+ NOT-FOR-US: Microsoft .NET
CVE-2010-2083 (Microsoft Dynamics GP has a default value of ACCESS for the system ...)
- TODO: check
+ NOT-FOR-US: Microsoft Dynamics GP
CVE-2010-2082 (The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2010-2081
RESERVED
CVE-2010-2080
RESERVED
CVE-2009-4879 (The Identity Server in Novell Access Manager before 3.1 SP1 allows ...)
- TODO: check
+ NOT-FOR-US: Novell Access Manager
CVE-2009-4878 (Unspecified vulnerability in the Administration Console in Novell ...)
- TODO: check
+ NOT-FOR-US: Novell Access Manager
CVE-2009-4877 (Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI ...)
- TODO: check
+ - webgui 7.7.22-1
CVE-2009-4876 (admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify ...)
- TODO: check
+ NOT-FOR-US: Netrix CMS
CVE-2009-4875 (FCKeditor.Java 2.4 allows remote attackers to cause a denial of ...)
TODO: check
CVE-2009-4874 (TalkBack 2.3.14 does not properly restrict access to the edit comment ...)
@@ -68,12 +68,11 @@
CVE-2009-4873 (Stack-based buffer overflow in the HTTP server in Rhino Software ...)
TODO: check
CVE-2010-2079 (DataTrack System 3.5 allows remote attackers to bypass intended ...)
- TODO: check
+ NOT-FOR-US: DataTrack System
CVE-2010-2078 (DataTrack System 3.5 allows remote attackers to list the root ...)
- TODO: check
+ NOT-FOR-US: DataTrack System
CVE-2010-2077
REJECTED
- TODO: check
CVE-2010-2076
RESERVED
CVE-2010-2075
More information about the Secure-testing-commits
mailing list