[Secure-testing-commits] r15936 - data/CVE
Jonathan Wiltshire
jmw at alioth.debian.org
Fri Jan 21 22:27:27 UTC 2011
Author: jmw
Date: 2011-01-21 22:27:25 +0000 (Fri, 21 Jan 2011)
New Revision: 15936
Modified:
data/CVE/list
Log:
NFUs
asterisk buffer overflow has CVE and bug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-21 21:14:41 UTC (rev 15935)
+++ data/CVE/list 2011-01-21 22:27:25 UTC (rev 15936)
@@ -229,53 +229,56 @@
CVE-2011-0520
RESERVED
CVE-2011-0519 (SQL injection vulnerability in gallery.php in Gallarific PHP Photo ...)
- TODO: check
+ NOT-FOR-US: Gallarific
CVE-2011-0518 (Directory traversal vulnerability in core/lib/router.php in LotusCMS ...)
- TODO: check
+ NOT-FOR-US: LotusCMS
CVE-2011-0517 (Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and ...)
- TODO: check
+ NOT-FOR-US: Winlog Pro
CVE-2011-0516 (SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site ...)
- TODO: check
+ NOT-FOR-US: BetMore Site Suite
CVE-2011-0515 (KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 ...)
- TODO: check
+ NOT-FOR-US: Kingsoft AntiVirus
CVE-2011-0514 (The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows ...)
- TODO: check
+ NOT-FOR-US: HP Data Protector Manager
CVE-2011-0513 (DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows ...)
- TODO: check
+ NOT-FOR-US: SecurStar DriveCrypt
CVE-2011-0512 (SQL injection vulnerability in team.php in the Teams Structure module ...)
- TODO: check
+ NOT-FOR-US: PHP-Fusion
CVE-2011-0511 (SQL injection vulnerability in the allCineVid component ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2011-0510 (SQL injection vulnerability in cart.php in Advanced Webhost Billing ...)
- TODO: check
+ NOT-FOR-US: Advanced Webhost Billing System
CVE-2011-0509 (Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows ...)
- TODO: check
+ NOT-FOR-US: Vaadin
CVE-2011-0508 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Contao CMS
CVE-2011-0507 (FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 ...)
- TODO: check
+ NOT-FOR-US: Blackmoon FTP
+ NOTE: Windows-only
CVE-2011-0506 (Directory traversal vulnerability in modules/profile/user.php in Ax ...)
- TODO: check
+ NOT-FOR-US: AxDCMS
CVE-2011-0505 (Directory traversal vulnerability in system/system.php in Zwii 2.1.1, ...)
- TODO: check
+ NOT-FOR-US: Zwii
CVE-2011-0504 (Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, ...)
- TODO: check
+ NOT-FOR-US: VaM Shop
CVE-2011-0503 (Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, ...)
- TODO: check
+ NOT-FOR-US: VaM Shop
CVE-2011-0502 (Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly ...)
- TODO: check
+ NOT-FOR-US: Music Animation Machine MIDI Player
+ NOTE: Windows-only
CVE-2011-0501 (Stack-based buffer overflow in Music Animation Machine MIDI Player ...)
- TODO: check
+ NOT-FOR-US: Music Animation Machine MIDI Player
+ NOTE: Windows-only
CVE-2011-0500 (Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and ...)
- TODO: check
+ NOT-FOR-US: VideoSpirit Pro
CVE-2011-0499 (Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier ...)
- TODO: check
+ NOT-FOR-US: VideoSpirit Pro
CVE-2011-0498 (Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, ...)
- TODO: check
+ NOT-FOR-US: Nokia Multimedia Player
CVE-2011-0497 (Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ...)
- TODO: check
+ NOT-FOR-US: Sybase EAServer
CVE-2011-0496 (Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ...)
- TODO: check
+ NOT-FOR-US: Sybase EAServer
CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
TODO: check
CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before ...)
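Review bot: In the CVE-2011-0512 and CVE-2011-0511 entries the NOT-FOR-US tag names the host platform (PHP-Fusion, Joomla), while the descriptions place the flaw in an add-on (the Teams Structure module, the allCineVid component). Naming the add-on, for example "NOT-FOR-US: allCineVid component for Joomla", keeps a later search on the platform name from reading as if the platform itself had been triaged. The "NOTE: Windows-only" line is also applied unevenly: it is added for CVE-2011-0507, CVE-2011-0502 and CVE-2011-0501, but not for CVE-2011-0515 (KisKrnl.sys), CVE-2011-0514 (rds.exe) or CVE-2011-0513 (DCR.sys driver), whose descriptions name Windows-style binaries. Either add it there as well or drop it, since NOT-FOR-US already settles the triage.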
@@ -283,9 +286,9 @@
CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in ...)
TODO: check
CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in ...)
- TODO: check
+ - asterisk <unfixed> (bug #610487)
CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Access Manager
CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require ...)
TODO: check
CVE-2011-0488 (Stack-based buffer overflow in NTWebServer.exe in the test web service ...)
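Review bot: The new CVE-2011-0495 line records asterisk as <unfixed> with only the bug number, so the entry says nothing about which asterisk versions carry the ast_uri_encode overflow or where the upstream fix is. A NOTE line with the upstream advisory or fix reference would let the next person work out per-release status without opening bug #610487.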