thr3ads.net - Secure testing commits - [Secure-testing-commits] r3388

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Jan-29 20:56 UTC

[Secure-testing-commits] r3388 - data/CVE

Author: jmm-guest
Date: 2006-01-29 20:55:51 +0000 (Sun, 29 Jan 2006)
New Revision: 3388

Modified:
   data/CVE/list
Log:
another no-dsa
two suspected helix issues were only present in real player
  (at the time of research the vendor information wasn''t
   complete)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-01-29 20:42:11 UTC (rev 3387)
+++ data/CVE/list	2006-01-29 20:55:51 UTC (rev 3388)
@@ -9028,9 +9028,11 @@
 	{DSA-737-1 DTSA-3-1}
 	- clamav 0.86.1-1 (bug #318756; medium)
 CVE-2005-2055 (RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and
RealOne ...)
-	- helix-player 1.0.5-1 (bug #316276; high)
+	- helix-player 1.0.5-1 (bug #316276; unknown)
 CVE-2005-2054 (Unknown vulnerability in RealPlayer 10 and 10.5
(6.0.12.1040-1069) and ...)
-	- helix-player 1.0.5-1 (bug #316276; unknown)
+	NOT-FOR-US: Real Player
+	NOTE: This didn''t affected Helix, although the changelog claimed so,
see
+	NOTE: http://service.real.com/help/faq/security/050623_player/EN/
 CVE-2002-1986 (Perception LiteServe 2.0 through 2.0.1 allows remote attackers
to ...)
 	NOT-FOR-US: Perception LiteServe
 CVE-2002-1985 (iSMTP 5.0.1 allows remote attackers to cause a denial of service
via a ...)
@@ -9456,7 +9458,9 @@
 CVE-2005-2053 (Just another flat file (JAF) CMS before 3.0 Final allows remote
...)
 	NOT-FOR-US: JAF CMS
 CVE-2005-2052 (Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and
10.5 ...)
-	- helix-player 1.0.5-1 (bug #316276; high)
+	NOT-FOR-US: Real Player
+	NOTE: This didn''t affected Helix, although the changelog claimed so,
see
+	NOTE: http://service.real.com/help/faq/security/050623_player/EN/
 CVE-2005-2051 (Buffer overflow in the VERITAS Backup Exec Web Administration
Console ...)
 	NOT-FOR-US: BEWAC
 CVE-2005-2050 (Unknown vulnerability in Tor before 0.1.0.10 allows remote
attackers ...)
@@ -13547,7 +13551,7 @@
 	[sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see
#306137)
 CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users
to ...)
 	- cdrtools 4:2.01+01a01-4 (bug #291376; low)
-	NOTE: Sarge and Woody affected
+	- cdrtools <no-dsa> (Only exploitable in rare debugging mode)
 CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to
bypass ...)
 	NOT-FOR-US: Scalable OGo (SOGo)
 CVE-2002-1628 (Directory traversal vulnerability in vote.cgi for Mike Spice
Mike''s ...)

Secure testing commits - Jan 2006 - r3388 - data/CVE

[Secure-testing-commits] r3388 - data/CVE