[Secure-testing-commits] r15608 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Sun Nov 21 12:05:33 UTC 2010
Author: federico-guest
Date: 2010-11-21 12:05:24 +0000 (Sun, 21 Nov 2010)
New Revision: 15608
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-11-21 09:42:44 UTC (rev 15607)
+++ data/CVE/list 2010-11-21 12:05:24 UTC (rev 15608)
@@ -37,17 +37,17 @@
CVE-2010-4275
RESERVED
CVE-2010-4274 (reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 ...)
- TODO: check
+ NOT-FOR-US: IBM Systems Director
CVE-2010-4273 (SQL injection vulnerability in imoveis.php in DescargarVista ACC ...)
- TODO: check
+ NOT-FOR-US: DescargarVista ACC
CVE-2010-4272 (SQL injection vulnerability in the Pulse Infotech Sponsor Wall ...)
TODO: check
CVE-2010-4271 (SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows ...)
- TODO: check
+ NOT-FOR-US: ImpressCMS
CVE-2010-4270 (Directory traversal vulnerability in the nBill (com_netinvoice) ...)
TODO: check
CVE-2010-4269 (SQL injection vulnerability in managechat.php in Collabtive 0.65 ...)
- TODO: check
+ NOT-FOR-US: Collabtive
CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall ...)
TODO: check
CVE-2010-4267
@@ -115,15 +115,15 @@
CVE-2010-4235
RESERVED
CVE-2010-4234 (The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz ...)
- TODO: check
+ NOT-FOR-US: Camtron, TecVoz
CVE-2010-4233 (The Linux installation on the Camtron CMNC-200 Full HD IP Camera and ...)
- TODO: check
+ NOT-FOR-US: Camtron, TecVoz
CVE-2010-4232 (The web-based administration interface on the Camtron CMNC-200 Full HD ...)
- TODO: check
+ NOT-FOR-US: Camtron, TecVoz
CVE-2010-4231 (Directory traversal vulnerability in the web-based administration ...)
- TODO: check
+ NOT-FOR-US: Camtron, TecVoz
CVE-2010-4230 (Stack-based buffer overflow in a certain ActiveX control for the ...)
- TODO: check
+ NOT-FOR-US: Camtron, TecVoz
CVE-2010-4229
RESERVED
CVE-2010-4228
@@ -397,7 +397,7 @@
CVE-2010-4108
RESERVED
CVE-2010-4107 (The default configuration of the PJL Access value in the File System ...)
- TODO: check
+ NOT-FOR-US: HP LaserJet
CVE-2010-4106 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
NOT-FOR-US: HP Insight Orchestration
CVE-2010-4105 (Unspecified vulnerability in HP Insight Orchestration before 6.2 ...)
@@ -626,9 +626,9 @@
CVE-2010-4012
RESERVED
CVE-2010-4011 (Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage ...)
- TODO: check
+ NOT-FOR-US: Dovecot in Apple Mac OS X
CVE-2010-4010 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...)
- TODO: check
+ NOT-FOR-US: Apple Type Services
CVE-2010-4009
RESERVED
CVE-2010-4008 (libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, ...)
@@ -718,7 +718,7 @@
CVE-2010-3979 (Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different ...)
NOT-FOR-US: SAP BusinessObjects Enterprise
CVE-2010-3978 (Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data ...)
- TODO: check
+ NOT-FOR-US: Spree
CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
NOT-FOR-US: cForm wordpress plugin
CVE-2010-3976 (Untrusted search path vulnerability in Adobe Flash Player before ...)
@@ -880,25 +880,25 @@
- midori 0.2.7-1.1 (unimportant)
NOTE: Current Midori SSL support is very limited
CVE-2010-3899 (IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3898 (IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3897 (ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3896 (The ESSearchApplication directory tree in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3895 (esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3894 (Stack-based buffer overflow in the ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3893 (The administrator interface in IBM OmniFind Enterprise Edition 8.x and ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3892 (Session fixation vulnerability in the login form in the administrator ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3891 (Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3890 (Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise ...)
- TODO: check
+ NOT-FOR-US: IBM OmniFind Enterprise Edition
CVE-2010-3889 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-3888 (Unspecified vulnerability in Microsoft Windows on 32-bit platforms ...)
@@ -948,9 +948,9 @@
CVE-2010-3870 (The utf8_decode function in PHP before 5.3.4 does not properly handle ...)
- php5 5.3.3-4 (bug #603751)
CVE-2010-3869 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: Red Hat Certificate System
CVE-2010-3868 (Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate ...)
- TODO: check
+ NOT-FOR-US: Red Hat Certificate System
CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc ...)
- proftpd-dfsg 1.3.3a-4
[lenny] - proftpd-dfsg <no-dsa> (Minor issue)
@@ -993,7 +993,7 @@
CVE-2010-3853
RESERVED
CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...)
- TODO: check
+ NOT-FOR-US: Red Hat Conga
CVE-2010-3851 (libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 ...)
TODO: check
CVE-2010-3850
@@ -1145,37 +1145,37 @@
CVE-2010-3799
RESERVED
CVE-2010-3798 (Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3797 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3796 (Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3786 (QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3785 (Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3784 (The PMPageFormatCreateWithDataRepresentation API in Printing in Apple ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3783 (Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-3782
RESERVED
CVE-2010-3781 (The PL/php add-on 1.4 and earlier for PostgreSQL does not properly ...)
@@ -4275,7 +4275,7 @@
CVE-2010-2639
RESERVED
CVE-2010-2638 (Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere MQ
CVE-2010-2637 (IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not ...)
NOT-FOR-US: IBM WebSphere
CVE-2010-2636 (Multiple cross-site scripting (XSS) vulnerabilities in sample store ...)
@@ -6281,45 +6281,45 @@
- mysql-5.1 5.1.47-1 (bug #582526)
- mysql-dfsg-5.0 <removed>
CVE-2010-1847 (The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1846 (Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1845 (ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1844 (Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1843 (Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1842 (Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1841 (Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1840 (Stack-based buffer overflow in the password-validation functionality ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1839
RESERVED
CVE-2010-1838 (Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1837 (CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1836 (Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1835
RESERVED
CVE-2010-1834 (CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1833 (Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1832 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1831 (Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1830 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1829 (Directory traversal vulnerability in AFP Server in Apple Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1828 (AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1827
RESERVED
CVE-2010-1826
@@ -6397,7 +6397,7 @@
CVE-2010-1804
RESERVED
CVE-2010-1803 (Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1802 (libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1801 (Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 ...)
@@ -7793,7 +7793,7 @@
CVE-2010-1379 (Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1378 (OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2010-1377 (Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1376 (Multiple format string vulnerabilities in Network Authorization in ...)
@@ -11709,7 +11709,7 @@
CVE-2010-0114
RESERVED
CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
- TODO: check
+ NOT-FOR-US: Symantec Norton Mobile Security application 1.0
CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
NOT-FOR-US: Symantec IM Manager
CVE-2010-0111
More information about the Secure-testing-commits
mailing list