Author: stef-guest
Date: 2007-01-24 19:14:50 +0100 (Wed, 24 Jan 2007)
New Revision: 5345
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-01-24 18:02:39 UTC (rev 5344)
+++ data/CVE/list 2007-01-24 18:14:50 UTC (rev 5345)
@@ -3260,9 +3260,9 @@
CVE-2006-5965 (PassGo SSO Plus 2.1.0.32, and probably earlier versions, uses
insecure ...)
NOT-FOR-US: PassGo SSO Plus
CVE-2006-5964 (choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221
allows local ...)
- TODO: check
+ NOT-FOR-US: PentaZip
CVE-2006-5963 (Directory traversal vulnerability in PentaZip 8.5.1.190 and
PentaSuite-PRO ...)
- TODO: check
+ NOT-FOR-US: PentaZip
CVE-2006-5962 (Multiple SQL injection vulnerabilities in Hpecs Shopping Cart
allow ...)
NOT-FOR-US: Hpecs Shopping Cart
CVE-2006-5961 (Buffer overflow in Mercury Mail Transport System 4.01b for
Windows has ...)
@@ -3457,7 +3457,7 @@
NOTE: http://secunia.com/advisories/23230/
CVE-2006-5872 (Unspecified vulnerability in login.pl in SQL Ledger before
2.6.21 ...)
{DSA-1239-1}
- TODO: check
+ - sql-ledger 2.6.21-1
CVE-2006-5871 (smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before
...)
{DSA-1237 DSA-1233}
- linux-2.6 <not-affected> (Current Linux versions already implement
intended behaviour)
@@ -3487,9 +3487,9 @@
CVE-2006-5859
RESERVED
CVE-2006-5858 (Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on
Microsoft ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2006-5857 (Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted
remote ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2006-5856 (Stack-based buffer overflow in the Adobe Download Manager before
2.2 ...)
NOT-FOR-US: Adobe Download Manager
CVE-2006-5855 (Multiple buffer overflows in IBM Tivoli Storage Manager (TSM)
before 5.2.9 ...)
@@ -4999,9 +4999,9 @@
CVE-2006-5173 (Linux kernel does not properly save or restore EFLAGS during a
context ...)
- linux-2.6 2.6.18-1
CVE-2006-5172 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe
in ...)
- TODO: check
+ NOT-FOR-US: Computer Associates (CA) Brightstor
CVE-2006-5171 (Stack-based buffer overflow in the RPC interface in Mediasvr.exe
in ...)
- TODO: check
+ NOT-FOR-US: Computer Associates (CA) Brightstor
CVE-2006-5170 (pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core
3 and ...)
{DSA-1203-1}
- libpam-ldap 180-1.2 (bug #392984; medium)
@@ -7423,9 +7423,9 @@
CVE-2006-4099 (Business Objects Crystal Enterprise 9 and 10 generates
predictable ...)
NOT-FOR-US: Business Objects
CVE-2006-4098 (Stack-based buffer overflow in the CSRadius service in Cisco
Secure Access ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-4097 (Multiple unspecified vulnerabilities in the CSRadius service in
Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote
attackers to ...)
{DSA-1172-1}
- bind <not-affected> (Not vulnerable according to CERT advisory)
@@ -8979,7 +8979,7 @@
RESERVED
CVE-2006-3432
REJECTED
- TODO: check
+ NOTE: duplicate of CVE-2007-0028
CVE-2006-3431 (Buffer overflow in certain Asian language versions of Microsoft
Excel ...)
NOT-FOR-US: Microsoft Excel
CVE-2006-3430 (SQL injection vulnerability in checkprofile.asp in (1) PatchLink
...)
@@ -14074,7 +14074,7 @@
CVE-2006-1306 (Microsoft Excel 2000 through 2004 allows user-assisted attackers
to ...)
NOT-FOR-US: Microsoft
CVE-2006-1305 (Microsoft Outlook 2000, 2002, and 2003 allows user-assisted
remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-1304 (Buffer overflow in Microsoft Excel 2000 through 2003 allows ...)
NOT-FOR-US: Microsoft
CVE-2006-1303 (Multiple unspecified vulnerabilities in Microsoft Internet
Explorer ...)