[Secure-testing-commits] r15355 - data/CVE
Federico Ceratto
federico-guest at alioth.debian.org
Mon Sep 20 10:34:42 UTC 2010
Author: federico-guest
Date: 2010-09-20 10:34:37 +0000 (Mon, 20 Sep 2010)
New Revision: 15355
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-20 09:14:55 UTC (rev 15354)
+++ data/CVE/list 2010-09-20 10:34:37 UTC (rev 15355)
@@ -22,27 +22,27 @@
CVE-2010-XXXX [mediatomb directory traversal]
- mediatomb 0.12.0~svn2018-6.1 (medium; bug #580120)
CVE-2010-3428 (SQL injection vulnerability in modules/notes/json.php in Intermesh ...)
- TODO: check
+ NOT-FOR-US: Intermesh Group-Office
CVE-2010-3427 (Multiple cross-site scripting (XSS) vulnerabilities in Open ...)
- TODO: check
+ NOT-FOR-US: Open Classifieds
CVE-2010-3426 (Directory traversal vulnerability in jphone.php in the JPhone ...)
- TODO: check
+ NOT-FOR-US: JPhone for Joomla
CVE-2010-3425 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: SmarterStats
CVE-2010-3424 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2010-3423 (SQL injection vulnerability in the Yr Weatherdata module for Drupal ...)
TODO: check
CVE-2010-3422 (SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 ...)
- TODO: check
+ NOT-FOR-US: JGen for Joomla
CVE-2010-3421 (Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ...)
- TODO: check
+ NOT-FOR-US: ProductCart
CVE-2010-3420 (Cross-site scripting (XSS) vulnerability in Products_Results.php in ...)
- TODO: check
+ NOT-FOR-US: PowerStore
CVE-2010-3419 (Multiple PHP remote file inclusion vulnerabilities in Haudenschilt ...)
TODO: check
CVE-2010-3418 (Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media ...)
- TODO: check
+ NOT-FOR-US: NetArt Media Car Portal
CVE-2010-3417 (Google Chrome before 6.0.472.59 does not prompt the user before ...)
TODO: check
CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...)
@@ -64,13 +64,13 @@
CVE-2010-3408 (Use-after-free vulnerability in Google Chrome before 6.0.472.59 allows ...)
TODO: check
CVE-2010-3407 (Stack-based buffer overflow in the MailCheck821Address function in ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Domino
CVE-2010-3406 (Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM ...)
- TODO: check
+ NOT-FOR-US: AIX 5.3
CVE-2010-3405 (Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, ...)
- TODO: check
+ NOT-FOR-US: AIX 6.1, VIOS
CVE-2010-3404 (Multiple SQL injection vulnerabilities in eshtery CMS (aka ...)
- TODO: check
+ NOT-FOR-US: eshtery CMS
CVE-2010-3403 (Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic ...)
TODO: check
CVE-2010-3402 (Untrusted search path vulnerability in IDM Computer Solutions ...)
@@ -244,13 +244,13 @@
CVE-2010-3321
RESERVED
CVE-2010-3320 (Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before ...)
- TODO: check
+ NOT-FOR-US: IBM Records Manager
CVE-2010-3319 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a ...)
- TODO: check
+ NOT-FOR-US: IBM Records Manager
CVE-2010-3318 (IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits ...)
- TODO: check
+ NOT-FOR-US: IBM Records Manager
CVE-2010-3317 (Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) ...)
- TODO: check
+ NOT-FOR-US: IBM Records Manager
CVE-2010-3316
RESERVED
CVE-2010-3315
@@ -1092,7 +1092,7 @@
CVE-2010-3004 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on ...)
NOT-FOR-US: HP Operations Agents
CVE-2010-3003 (Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics ...)
- TODO: check
+ NOT-FOR-US: HP Insight Diagnostics Online Edition
CVE-2010-3002 (Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 ...)
NOT-FOR-US: RealPlayer
CVE-2010-3001 (Unspecified vulnerability in an ActiveX control in the Internet ...)
@@ -1884,7 +1884,7 @@
CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...)
NOT-FOR-US: Windows
CVE-2010-2738 (The Uniscribe (aka new Unicode Script Processor) implementation in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2737
RESERVED
CVE-2010-2736
@@ -1898,13 +1898,13 @@
CVE-2010-2732
RESERVED
CVE-2010-2731 (Unspecified vulnerability in Microsoft Internet Information Services ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2730 (Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, ...)
- TODO: check
+ NOT-FOR-US: Microsoft IIS
CVE-2010-2729 (The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2728 (Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, ...)
- TODO: check
+ NOT-FOR-US: Microsoft Outlook
CVE-2010-2727
RESERVED
CVE-2010-2726
@@ -2229,7 +2229,7 @@
CVE-2010-2601
RESERVED
CVE-2010-2600 (Untrusted search path vulnerability in BlackBerry Desktop Software ...)
- TODO: check
+ NOT-FOR-US: BlackBerry Desktop Software
CVE-2010-2599
RESERVED
CVE-2010-2594 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
@@ -2300,7 +2300,7 @@
CVE-2010-2568 (Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 ...)
NOT-FOR-US: Microsoft
CVE-2010-2567 (The RPC client implementation in Microsoft Windows XP SP2 and SP3 and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2566 (The Secure Channel (aka SChannel) security package in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2010-2565
@@ -2308,7 +2308,7 @@
CVE-2010-2564 (Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and ...)
NOT-FOR-US: Microsoft
CVE-2010-2563 (The Word 97 text converter in the WordPad Text Converters in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-2562 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for ...)
NOT-FOR-US: Microsoft
CVE-2010-2561 (Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle ...)
@@ -3958,7 +3958,7 @@
CVE-2010-1900 (Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft ...)
NOT-FOR-US: Microsoft Office Word
CVE-2010-1899 (Stack consumption vulnerability in the ASP implementation in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft IIS
CVE-2010-1898 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, ...)
NOT-FOR-US: Microsoft .NET Framework
CVE-2010-1897 (The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP ...)
@@ -3974,7 +3974,7 @@
CVE-2010-1892 (The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-1891 (The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-1890 (The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 ...)
NOT-FOR-US: Microsoft Windows
CVE-2010-1889 (Double free vulnerability in the kernel in Microsoft Windows Vista SP1 ...)
@@ -7382,7 +7382,7 @@
CVE-2010-0819 (Unspecified vulnerability in the Windows OpenType Compact Font Format ...)
NOT-FOR-US: Microsoft
CVE-2010-0818 (The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2010-0817 (Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in ...)
NOT-FOR-US: Microsoft SharePoint Server
CVE-2010-0816 (Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, ...)
More information about the Secure-testing-commits
mailing list