[Secure-testing-commits] r16032 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 2 20:08:43 UTC 2011


Author: jmm
Date: 2011-02-02 20:08:36 +0000 (Wed, 02 Feb 2011)
New Revision: 16032

Modified:
   data/CVE/list
Log:
- mediawiki bug
- NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-02 07:47:40 UTC (rev 16031)
+++ data/CVE/list	2011-02-02 20:08:36 UTC (rev 16032)
@@ -1,5 +1,5 @@
 CVE-2011-XXXX [mediawiki server-side arbitrary script inclusion vulnerability]
-	- mediawiki <unfixed>
+	- mediawiki <unfixed> (bug #611787)
 CVE-2011-0720
 	RESERVED
 CVE-2011-0719
@@ -650,7 +650,7 @@
 CVE-2011-0451
 	RESERVED
 CVE-2011-0450 (The downloads manager in Opera before 11.01 on Windows does not ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2011-0449
 	RESERVED
 CVE-2011-0448
@@ -1658,7 +1658,7 @@
 CVE-2011-0097
 	RESERVED
 CVE-2011-0096 (The MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft mhtml
 CVE-2011-0095
 	RESERVED
 CVE-2011-0094
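Review bot: the new tag on CVE-2011-0096, "NOT-FOR-US: Microsoft mhtml", names a component, while the other Microsoft entries visible in this file use the product name ("NOT-FOR-US: Microsoft Windows" on CVE-2010-2744 and CVE-2010-2742, and on CVE-2010-2743 in this same commit). The description says the MHTML implementation is in Microsoft Windows, so "NOT-FOR-US: Microsoft Windows" would keep the labels uniform and easier to search.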
@@ -1759,7 +1759,7 @@
 	NOTE: http://www.bugzilla.org/security/3.2.9/
 CVE-2011-0047 [mediawiki CSS injection]
 	RESERVED
-	- mediawiki <unfixed>
+	- mediawiki <unfixed> (bug #611787)
 CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla ...)
 	- bugzilla <unfixed>
 	TODO: check
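Review bot: bug #611787 is attached to CVE-2011-0047 (CSS injection) here and to the CVE-2011-XXXX script inclusion entry in the first hunk. Please confirm that one bug report really tracks both issues. If it does, a short NOTE on one of the entries saying so would help whoever closes the bug update both lines. If it does not, each entry needs its own bug number.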
@@ -2572,7 +2572,7 @@
 CVE-2010-4332 (Pointter PHP Content Management System 1.0 allows remote attackers to ...)
 	NOT-FOR-US: Pointter PHP Content Management System
 CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 ...)
-	TODO: check
+	NOT-FOR-US: Seo Panel
 CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse ...)
 	NOT-FOR-US: Pulse CMS Basic
 CVE-2010-4329 (Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton ...)
@@ -2583,9 +2583,9 @@
 CVE-2010-4327
 	RESERVED
 CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
-	TODO: check
+	NOT-FOR-US: Groupwise
 CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
-	TODO: check
+	NOT-FOR-US: Groupwise
 CVE-2010-4324 (Cross-site scripting (XSS) vulnerability in the Approval Form in the ...)
 	NOT-FOR-US: Novell Identity Manager
 CVE-2010-4323
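Review bot: the tags added for CVE-2010-4326 and CVE-2010-4325 are spelled "Groupwise", but the CVE descriptions and the tags added later in this commit for CVE-2010-2779, CVE-2010-2778 and CVE-2010-2777 use "GroupWise". Use "NOT-FOR-US: GroupWise" on both lines so a case-sensitive search for the product finds all five entries.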
@@ -3008,7 +3008,7 @@
 	- imagemagick 8:6.6.0.4-3 (low; bug #601824)
 	[lenny] - imagemagick 7:6.3.7.9.dfsg2-1~lenny4
 CVE-2010-4166 (Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
 	- linux-2.6 2.6.32-28
 CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ...)
@@ -3578,7 +3578,7 @@
 CVE-2010-3932
 	REJECTED
 CVE-2010-3931 (Cross-site scripting (XSS) vulnerability in multiple Rocomotion ...)
-	TODO: check
+	NOT-FOR-US: Rocomotion
 CVE-2010-3930
 	RESERVED
 CVE-2010-3929
@@ -3586,7 +3586,7 @@
 CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...)
 	NOT-FOR-US: Ruby Version Manager
 CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Lunascape
 CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...)
 	NOT-FOR-US: SGX-SP Final
 CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which ...)
@@ -4811,7 +4811,7 @@
 CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to ...)
 	NOT-FOR-US: Oracle OpenSolaris
 CVE-2010-3510 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
-	TODO: check
+	NOT-FOR-US: Oracle WebLogic
 CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users to ...)
@@ -4821,7 +4821,7 @@
 CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) ...)
 	NOT-FOR-US: Oracle Explorer
 CVE-2010-3505 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
-	TODO: check
+	NOT-FOR-US: Oracle Supply Chain Products
 CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows ...)
@@ -6757,11 +6757,11 @@
 CVE-2010-2780
 	RESERVED
 CVE-2010-2779 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
-	TODO: check
+	NOT-FOR-US: GroupWise
 CVE-2010-2778 (Cross-site scripting (XSS) vulnerability in WebAccess in Novell ...)
-	TODO: check
+	NOT-FOR-US: GroupWise
 CVE-2010-2777 (Stack-based buffer overflow in the IMAP server component in GroupWise ...)
-	TODO: check
+	NOT-FOR-US: GroupWise
 CVE-2010-2776
 	RESERVED
 CVE-2010-2775
@@ -6936,7 +6936,7 @@
 CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not properly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2010-2742 (The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and ...)
@@ -7217,7 +7217,7 @@
 CVE-2010-2633 (Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, ...)
 	NOT-FOR-US: EMC
 CVE-2010-2632 (Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, ...)
-	TODO: check
+	NOT-FOR-US: Solaris FTP server
 CVE-2010-2631 (LibTIFF 3.9.0 ignores tags in certain situations during the first ...)
 	- tiff <unfixed> (unimportant)
 CVE-2010-2630 (The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly ...)
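Review bot: the tag on CVE-2010-2632, "NOT-FOR-US: Solaris FTP server", drops the vendor prefix that the neighbouring Solaris entries carry ("NOT-FOR-US: Oracle Solaris" on CVE-2010-3509, "NOT-FOR-US: Oracle OpenSolaris" on CVE-2010-3511). The description names the FTP Server in Oracle Solaris, so "NOT-FOR-US: Oracle Solaris" or "NOT-FOR-US: Oracle Solaris FTP server" would match the existing convention.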
@@ -14752,7 +14752,7 @@
 CVE-2009-4539 (Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager ...)
 	NOT-FOR-US: SQLiteManager
 CVE-2010-0115 (SQL injection vulnerability in login.php in the GUI management console ...)
-	TODO: check
+	NOT-FOR-US: Symantec Web Gateway
 CVE-2010-0114 (fw_charts.php in the reporting module in the Manager (aka SEPM) ...)
 	NOT-FOR-US: Symantec Endpoint Protection
 CVE-2010-0113 (The Symantec Norton Mobile Security application 1.0 Beta for Android ...)
@@ -14760,9 +14760,9 @@
 CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...)
 	NOT-FOR-US: Symantec IM Manager
 CVE-2010-0111 (HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel ...)
-	TODO: check
+	NOT-FOR-US: Symantec Intel Alert Handler
 CVE-2010-0110 (Multiple stack-based buffer overflows in Intel Alert Management System ...)
-	TODO: check
+	NOT-FOR-US: Symantec Intel Alert Handler
 CVE-2010-0109
 	RESERVED
 CVE-2010-0108 (Buffer overflow in the cliproxy.objects.1 ActiveX control in the ...)
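Review bot: CVE-2010-0110 gets the same tag as CVE-2010-0111, "Symantec Intel Alert Handler", but the visible part of its description names Intel Alert Management System rather than the Alert Handler service. The description is truncated here, so check the full text. If it is a different component, the tag should name it instead of reusing the one from CVE-2010-0111.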



