atomo64-guest at alioth.debian.org
2008-Dec-15 21:29 UTC
[Secure-testing-commits] r10701 - data/CVE
Author: atomo64-guest Date: 2008-12-15 21:29:28 +0000 (Mon, 15 Dec 2008) New Revision: 10701 Modified: data/CVE/list Log: NFUs, and php issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-12-15 21:14:10 UTC (rev 10700) +++ data/CVE/list 2008-12-15 21:29:28 UTC (rev 10701) @@ -1,77 +1,78 @@ CVE-2008-5556 (** DISPUTED ** ...) TODO: check CVE-2008-5555 (Microsoft Internet Explorer 8.0 Beta 2 relies on the ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5554 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 does not ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5553 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 disables ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5552 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5551 (The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5550 (Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp ...) TODO: check CVE-2008-5549 (Unspecified vulnerability in the Sun Java Web Console components in ...) TODO: check CVE-2008-5548 (VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2008-5547 (HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375, when ...) - TODO: check + NOT-FOR-US: HAURI ViRobot CVE-2008-5546 (VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: VirusBlokAda VBA32 CVE-2008-5545 (Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet ...) - TODO: check + NOT-FOR-US: Trend Micro VSAPI CVE-2008-5544 (Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when ...) - TODO: check + NOT-FOR-US: Hacksoft The Hacker CVE-2008-5543 (Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: ymantec AntiVirus CVE-2008-5542 (Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet ...) - TODO: check + NOT-FOR-US: Sunbelt VIPRE CVE-2008-5541 (Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: Sophos Anti-Virus CVE-2008-5540 (Secure Computing Secure Web Gateway (aka Webwasher), when Internet ...) - TODO: check + NOT-FOR-US: Webwasher CVE-2008-5539 (RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet ...) - TODO: check + NOT-FOR-US: RISING Antivirus CVE-2008-5538 (Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote ...) - TODO: check + NOT-FOR-US: Prevx Prevx1 2 CVE-2008-5537 (PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: PC Tools AntiVirus CVE-2008-5536 (Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows ...) - TODO: check + NOT-FOR-US: Panda Antivirus CVE-2008-5535 (Norman Antivirus 5.80.02, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: Norman Antivirus CVE-2008-5534 (ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 ...) - TODO: check + NOT-FOR-US: ESET NOD32 Antivirus CVE-2008-5533 (K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 ...) - TODO: check + NOT-FOR-US: K7AntiVirus CVE-2008-5532 (Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when ...) - TODO: check + NOT-FOR-US: Ikarus Virus Utilities CVE-2008-5531 (Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: Fortinet Antivirus CVE-2008-5530 (Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: Ewido Security Suite CVE-2008-5529 (CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: CA eTrust Antivirus CVE-2008-5528 (Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows ...) - TODO: check + NOT-FOR-US: Aladdin eSafe CVE-2008-5527 (ESET Smart Security, when Internet Explorer 6 or 7 is used, allows ...) - TODO: check + NOT-FOR-US: ESET Smart Security CVE-2008-5526 (DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: DrWeb Anti-virus CVE-2008-5525 (ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is ...) TODO: check + NOTE: CVE claims it only happens when Internet Explorer 6 or 7 is used, but ClamAV doesn''t have any special code for IE CVE-2008-5524 (CAT-QuickHeal 10.00 and possibly 9.50, when Internet Explorer 6 or 7 ...) - TODO: check + NOT-FOR-US: CAT-QuickHeal CVE-2008-5523 (avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: avast! antivirus CVE-2008-5522 (AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, ...) - TODO: check + NOT-FOR-US: AVG Anti-Virus CVE-2008-5521 (Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 ...) - TODO: check + NOT-FOR-US: Avira AntiVir CVE-2008-5520 (AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer ...) - TODO: check + NOT-FOR-US: AhnLab V3 CVE-2008-5519 RESERVED CVE-2008-5518 @@ -114,8 +115,11 @@ RESERVED CVE-2008-5499 RESERVED -CVE-2008-5498 +CVE-2008-5498 [segfault and potential security issue in php5''s bundled libgd''s imagerotate] RESERVED + - php5 <not-affected> (php5 links to the shared lib) + - libgd2 <not-affected> (code is specific to php''s libgd) + NOTE: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361 CVE-2008-5497 (BandSite CMS 1.1.4 allows remote attackers to bypass authentication ...) TODO: check CVE-2008-5496 (SQL injection vulnerability in showcategory.php in PozScripts Business ...)