[Secure-testing-commits] r15586 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Mon Nov 15 21:16:37 UTC 2010
Author: federico-guest
Date: 2010-11-15 21:16:37 +0000 (Mon, 15 Nov 2010)
New Revision: 15586
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-15 21:14:37 UTC (rev 15585)
+++ data/CVE/list 2010-11-15 21:16:37 UTC (rev 15586)
@@ -160,15 +160,15 @@
CVE-2010-4156 (The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through ...)
TODO: check
CVE-2010-4155 (Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 ...)
- TODO: check
+ NOT-FOR-US: eXV2 CMS
CVE-2010-4154 (Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager ...)
TODO: check
CVE-2010-4153 (Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably ...)
- TODO: check
+ NOT-FOR-US: CrossFTP
CVE-2010-4152 (SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, ...)
- TODO: check
+ NOT-FOR-US: 4site CMS
CVE-2010-4151 (SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly ...)
- TODO: check
+ NOT-FOR-US: DeluxeBB
CVE-2010-4150
RESERVED
CVE-2009-5015 (The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 ...)
@@ -309,9 +309,9 @@
CVE-2010-4093
RESERVED
CVE-2010-4092 (Use-after-free vulnerability in an unspecified compatibility component ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4091 (The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and ...)
- TODO: check
+ NOT-FOR-US: Adobe Acrobat Reader
CVE-2010-4090 (Adobe Shockwave Player before 11.5.9.615 allows attackers to execute ...)
NOT-FOR-US: Adobe Shockwave Player
CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers ...)
@@ -523,7 +523,7 @@
CVE-2010-4007 (Oracle Mojarra uses an encrypted View State without a Message ...)
NOT-FOR-US: Oracle Mojarra
CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links ...)
- TODO: check
+ NOT-FOR-US: WSN Links
CVE-2010-4005 (The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and ...)
TODO: check
CVE-2010-4004
@@ -637,7 +637,7 @@
CVE-2010-3963
RESERVED
CVE-2010-3962 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-3961
RESERVED
CVE-2010-3960
@@ -689,7 +689,7 @@
CVE-2010-3937
RESERVED
CVE-2010-3936 (Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Forefront Unified Access Gateway
CVE-2010-3935
RESERVED
CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...)
@@ -729,13 +729,13 @@
CVE-2010-3917
RESERVED
CVE-2010-3916 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
CVE-2010-3915 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...)
- TODO: check
+ NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government
CVE-2010-3914 (Untrusted search path vulnerability in VIM Development Group GVim ...)
TODO: check
CVE-2010-3913 (CRLF injection vulnerability in TransWARE Active! mail 6 build ...)
- TODO: check
+ NOT-FOR-US: TransWARE Active! mail
CVE-2010-3912
RESERVED
CVE-2010-3911
@@ -1368,45 +1368,45 @@
CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...)
NOT-FOR-US: Adobe Shockwave
CVE-2010-3652 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3651
RESERVED
CVE-2010-3650 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3649 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3648 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3647 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3646 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3645 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3644 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3643 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3642 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3641 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3640 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3639 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3638 (Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3637 (An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3636 (Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Player
CVE-2010-3635 (Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Media Server
CVE-2010-3634 (Unspecified vulnerability in the edge process in Adobe Flash Media ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Media Server
CVE-2010-3633 (Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash Media Server
CVE-2010-3632 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
NOT-FOR-US: Adobe Reader and Acrobat
CVE-2010-3631 (Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x ...)
@@ -2211,15 +2211,15 @@
CVE-2010-3338
RESERVED
CVE-2010-3337 (Untrusted search path vulnerability in Microsoft Office 2007 SP2 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office 2007 SP2
CVE-2010-3336 (Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office XP SP3
CVE-2010-3335 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office XP SP3
CVE-2010-3334 (Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office XP SP3
CVE-2010-3333 (Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Office
CVE-2010-3332 (Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle ...)
@@ -3054,9 +3054,9 @@
CVE-2010-3041
RESERVED
CVE-2010-3040 (Multiple stack-based buffer overflows in agent.exe in Setup Manager in ...)
- TODO: check
+ NOT-FOR-US: Cisco Intelligent Contact Manager
CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2010-3038
RESERVED
CVE-2010-3037
@@ -3910,11 +3910,11 @@
CVE-2010-2735
RESERVED
CVE-2010-2734 (Cross-site scripting (XSS) vulnerability in the mobile portal in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Forefront Unified Access Gateway
CVE-2010-2733 (Cross-site scripting (XSS) vulnerability in the Web Monitor in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Forefront Unified Access Gateway
CVE-2010-2732 (Open redirect vulnerability in the web interface in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Forefront Unified Access Gateway
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, ...)
@@ -4161,9 +4161,9 @@
CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
TODO: check
CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Commerce
CVE-2010-2635 (SQL injection vulnerability in IBM WebSphere Commerce 6.0 before ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Commerce
CVE-2010-2634 (RSA enVision before 3.7 SP1 allows remote authenticated users to cause ...)
NOT-FOR-US: RSA enVision
CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, ...)
@@ -4306,9 +4306,9 @@
CVE-2010-2595 (The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ...)
- tiff <unfixed> (unimportant)
CVE-2010-2573 (Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft PowerPoint
CVE-2010-2572 (Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft PowerPoint
CVE-2010-2571
RESERVED
CVE-2010-2570
@@ -9454,13 +9454,13 @@
NOTE: https://bugzilla.samba.org/show_bug.cgi?id=6853
NOTE: Initial DSA released as CVE-2009-3297
CVE-2010-0786 (The Web Services Security component in IBM WebSphere Application ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application
CVE-2010-0785 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0784 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0783 (Cross-site scripting (XSS) vulnerability in the Administrative Console ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2010-0782 (IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows ...)
NOT-FOR-US: IBM WebSphere
CVE-2010-0781 (Unspecified vulnerability in the administrative console in IBM ...)
More information about the Secure-testing-commits
mailing list