[Secure-testing-commits] r15549 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Mon Nov 1 21:04:47 UTC 2010
Author: federico-guest
Date: 2010-11-01 21:04:39 +0000 (Mon, 01 Nov 2010)
New Revision: 15549
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-01 20:39:00 UTC (rev 15548)
+++ data/CVE/list 2010-11-01 21:04:39 UTC (rev 15549)
@@ -1,9 +1,9 @@
CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2010-XXXX
- weborf 0.12.4-1
CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli
CVE-2010-4119
RESERVED
CVE-2010-4118
@@ -45,15 +45,15 @@
CVE-2010-4100
RESERVED
CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...)
- TODO: check
+ NOT-FOR-US: NitroSecurity NitroView
CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...)
TODO: check
CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Aardvark Topsites PHP
CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...)
- TODO: check
+ NOT-FOR-US: Serengeti Systems Incorporated Robo-FTP 3.7.3
CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...)
- TODO: check
+ NOT-FOR-US: IBM Rational Quality Manager
CVE-2010-4093
RESERVED
CVE-2010-4092
@@ -115,9 +115,9 @@
RESERVED
- otrs2 2.4.9+dfsg1-1
CVE-2010-4070 (Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper ...)
- TODO: check
+ NOT-FOR-US: portmap.exe
CVE-2010-4069 (Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...)
TODO: check
CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...)
@@ -144,15 +144,15 @@
CVE-2010-4058
RESERVED
CVE-2010-4057 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: IBM solidDB
CVE-2010-4056 (solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform ...)
- TODO: check
+ NOT-FOR-US: IBM solidDB
CVE-2010-4055 (Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 ...)
- TODO: check
+ NOT-FOR-US: IBM solidDB
CVE-2010-4054 (The gs_type2_interpret function in Ghostscript allows remote attackers ...)
- ghostscript <unfixed> (unimportant)
CVE-2010-4053 (Stack-based buffer overflow in an unspecified logging function in ...)
- TODO: check
+ NOT-FOR-US: IBM Informix Dynamic Server
CVE-2010-4052
RESERVED
CVE-2010-4051
@@ -218,19 +218,19 @@
CVE-2010-4030
RESERVED
CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...)
- TODO: check
+ NOT-FOR-US: HP Storage Essentials
CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...)
- TODO: check
+ NOT-FOR-US: HP LoadRunner
CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...)
- TODO: check
+ NOT-FOR-US: HP Palm webOS
CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: HP Insight Control Power Management
CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
- TODO: check
+ NOT-FOR-US: HP Insight Control Power Management
CVE-2010-4022
RESERVED
CVE-2010-4021
@@ -314,25 +314,25 @@
CVE-2010-3995
RESERVED
CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ...)
- TODO: check
+ NOT-FOR-US: HP VCRM
CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...)
- TODO: check
+ NOT-FOR-US: HP Virtual Server Environment
CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...)
- TODO: check
+ NOT-FOR-US: HP Insight
CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...)
- TODO: check
+ NOT-FOR-US: HP VCEM
CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...)
- TODO: check
+ NOT-FOR-US: HP Operations Orchestration
CVE-2010-3984
RESERVED
CVE-2010-3983 (CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote ...)
@@ -953,7 +953,7 @@
{DSA-2121-1}
- typo3-src 4.3.7-1
CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...)
- TODO: check
+ NOT-FOR-US: UseBB
CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...)
TODO: check
CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return ...)
@@ -2421,25 +2421,25 @@
- iceape 2.0.7-1
[lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-3165 (Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and ...)
- TODO: check
+ NOT-FOR-US: Yokka NoEditor and others
CVE-2010-3164 (Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and ...)
- TODO: check
+ NOT-FOR-US: Fenrir Sleipnir, Grani
CVE-2010-3163 (Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 ...)
- TODO: check
+ NOT-FOR-US: Fenrir Sleipnir, Grani
CVE-2010-3162 (Untrusted search path vulnerability in Apsaly before 3.74 allows local ...)
- TODO: check
+ NOT-FOR-US: Apsaly
CVE-2010-3161 (Untrusted search path vulnerability in TeraPad before 1.00 allows ...)
- TODO: check
+ NOT-FOR-US: TeraPad
CVE-2010-3160 (Untrusted search path vulnerability in Archive Decoder 1.23 and ...)
- TODO: check
+ NOT-FOR-US: Archive Decoder
CVE-2010-3159 (Untrusted search path vulnerability in Explzh 5.67 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: Explzh
CVE-2010-3158 (Untrusted search path vulnerability in Lhaplus before 1.58 allows ...)
NOT-FOR-US: Lhaplus
CVE-2010-3157 (Untrusted search path vulnerability in XacRett before 50 allows ...)
NOT-FOR-US: XacRett
CVE-2010-3156 (Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows ...)
- TODO: check
+ NOT-FOR-US: K2Editor
CVE-2010-3133 (Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 ...)
- wireshark <not-affected> (Only affects Windows port)
CVE-2010-3131 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 ...)
More information about the Secure-testing-commits
mailing list