[Secure-testing-commits] r15968 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Jan 25 22:06:59 UTC 2011
Author: jmm
Date: 2011-01-25 22:06:53 +0000 (Tue, 25 Jan 2011)
New Revision: 15968
Modified:
data/CVE/list
Log:
fixup proftpd entry
new glassfish issue
loads of NFUs, mostly Oracle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-25 21:49:15 UTC (rev 15967)
+++ data/CVE/list 2011-01-25 22:06:53 UTC (rev 15968)
@@ -1,5 +1,5 @@
CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...)
- TODO: check
+ NOTE: Not much that could sensibly be fixed here
CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling ...)
NOT-FOR-US: Mac OS X
CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling ...)
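Review bot: CVE-2011-0640 is left with only a NOTE and no status line, so the entry is neither tracked against udev nor marked NOT-FOR-US. If the intent is that nothing will be fixed, a package line in the form used for patch further down ("- patch <unfixed> (unimportant)") would record that explicitly, for example "- udev <unfixed> (unimportant)" with the NOTE kept beneath it.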
@@ -324,11 +324,11 @@
CVE-2011-0496 (Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ...)
NOT-FOR-US: Sybase EAServer
CVE-2010-4703 (SQL injection vulnerability in default.asp in HotWebScripts HotWeb ...)
- TODO: check
+ NOT-FOR-US: HotWebScripts HotWeb Rentals
CVE-2010-4702 (SQL injection vulnerability in JRadio (com_jradio) component before ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2010-4701 (Heap-based buffer overflow in the CDrawPoly::Serialize function in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Fax Services Cover Page Editor
CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in ...)
- asterisk <unfixed> (bug #610487)
CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...)
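Review bot: "NOT-FOR-US: Joomla component" for CVE-2010-4702 is less specific than the neighbouring labels, which name the product. The description identifies the component as JRadio (com_jradio), so "NOT-FOR-US: Joomla JRadio component" would make the entry findable by name.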
@@ -562,7 +562,7 @@
CVE-2011-0411
RESERVED
CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for ...)
- TODO: check
+ NOT-FOR-US: CollabNet ScrumWorks Basic
CVE-2011-0409
RESERVED
CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to ...)
@@ -681,7 +681,7 @@
CVE-2011-0353
RESERVED
CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...)
- TODO: check
+ NOT-FOR-US: Linksys router
CVE-2011-0351
RESERVED
CVE-2011-0350
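Review bot: The label for CVE-2011-0352 says "Linksys router" while the visible description attributes the device to Cisco. Using both names, for example "NOT-FOR-US: Cisco Linksys router", keeps the entry findable under either vendor name.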
@@ -952,8 +952,7 @@
TODO: check
CVE-2010-4652 [buffer overflow when preparing SQL queries]
RESERVED
- - proftpd <unfixed>
- TODO: check
+ - proftpd-dfsg <unfixed>
CVE-2010-4651 [patch directory traversal]
RESERVED
- patch <unfixed> (unimportant)
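Review bot: The corrected line for CVE-2010-4652, "- proftpd-dfsg <unfixed>", carries no bug reference, unlike the asterisk entry earlier in the file ("(bug #610487)"), and the "TODO: check" marker is dropped in the same change. The CVE is still RESERVED with only the bracketed summary, so a bug number on this line (once one is filed) is the only pointer a reader would have to the details.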
@@ -1085,9 +1084,9 @@
CVE-2011-0275
RESERVED
CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...)
- TODO: check
+ NOT-FOR-US: HP Business Availability
CVE-2011-0273 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.11 ...)
- TODO: check
+ NOT-FOR-US: HP OpenView Storage Data Protector
CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote ...)
NOT-FOR-US: HP LoadRunner
CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
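Review bot: "NOT-FOR-US: HP Business Availability" for CVE-2011-0274 stops at the same word where the abbreviated description is cut off ("HP Business Availability ..."), so the label looks copied from the truncated text. Confirm the full product name from the complete CVE description and use that.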
@@ -2066,7 +2065,7 @@
CVE-2010-4457 (Unspecified vulnerability in Oracle Solaris 11 Express allows remote ...)
NOT-FOR-US: Solaris
CVE-2010-4456 (Unspecified vulnerability in Oracle Sun Java System Communications ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Java System Communications Express
CVE-2010-4455 (Unspecified vulnerability in the Oracle HTTP Server component in ...)
NOT-FOR-US: Oracle Fusion
CVE-2010-4454
@@ -2088,71 +2087,71 @@
CVE-2010-4446 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
NOT-FOR-US: Solaris
CVE-2010-4445 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4444 (Unspecified vulnerability in Oracle Sun Java System Access Manager and ...)
- TODO: check
+ NOT-FOR-US: OpenSSO
CVE-2010-4443 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
NOT-FOR-US: Solaris
CVE-2010-4442 (Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows ...)
NOT-FOR-US: Solaris
CVE-2010-4441 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4440 (Unspecified vulnerability in Oracle 10 and 11 Express allows local ...)
- TODO: check
+ NOT-FOR-US: Oracle Express
CVE-2010-4439 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4438 (Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, ...)
- TODO: check
+ - glassfish <unfixed>
CVE-2010-4437 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
- TODO: check
+ NOT-FOR-US: WebLogic
CVE-2010-4436 (Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 ...)
- TODO: check
+ NOT-FOR-US: SunMC
CVE-2010-4435 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote ...)
NOT-FOR-US: Solaris
CVE-2010-4434 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4433 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
NOT-FOR-US: Solaris
CVE-2010-4432 (Unspecified vulnerability in the Oracle Transportation Manager ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain
CVE-2010-4431 (Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 ...)
- TODO: check
+ NOT-FOR-US: Oracle Sun Java System Portal Server
CVE-2010-4430 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4429 (Unspecified vulnerability in the Agile Core component in Oracle Supply ...)
- TODO: check
+ NOT-FOR-US: Oracle Supply Chain
CVE-2010-4428 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4427 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: Oracle BI Publisher
CVE-2010-4426 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4425 (Unspecified vulnerability in the Oracle BI Publisher component in ...)
- TODO: check
+ NOT-FOR-US: Oracle BI Publisher
CVE-2010-4424 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4423 (Unspecified vulnerability in the Cluster Verify Utility component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2010-4422
RESERVED
CVE-2010-4421 (Unspecified vulnerability in the Database Vault component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2010-4420 (Unspecified vulnerability in the Database Vault component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2010-4419 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4418 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
- TODO: check
+ NOT-FOR-US: PeopleSoft
CVE-2010-4417 (Unspecified vulnerability in the Services for Beehive component in ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-4416 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
- TODO: check
+ NOT-FOR-US: Oracle Fusion Middleware
CVE-2010-4415 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2010-4414 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
TODO: check
CVE-2010-4413 (Unspecified vulnerability in the Scheduler Agent component in Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle Database
CVE-2010-4412 (Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta ...)
NOT-FOR-US: pfSense
CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
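Review bot: CVE-2010-4438 becomes "- glassfish <unfixed>" with no bug reference and no NOTE, although the description is an unspecified vulnerability limited to GlassFish 2.1, 2.1.1 and 3.0.1. A NOTE stating whether the packaged version falls in that range, plus a bug number once filed, would make the entry actionable. In the same hunk, CVE-2010-4440 is labelled "Oracle Express" while the adjacent entries whose descriptions read "Oracle Solaris 10 and 11 Express" are labelled "Solaris"; check whether this one is also Solaris and align the label.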