Author: fw
Date: 2007-08-04 12:02:45 +0000 (Sat, 04 Aug 2007)
New Revision: 6235
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-04 12:02:22 UTC (rev 6234)
+++ data/CVE/list 2007-08-04 12:02:45 UTC (rev 6235)
@@ -1288,15 +1288,15 @@
CVE-2006-7218 (eZ publish before 3.8.1 does not properly enforce permissions
for ...)
- ezpublish <not-affected> (Debian''s version is too old)
CVE-2006-7217 (Apache Derby before 10.2.1.6 does not determine schema privilege
...)
- TODO: check
+ NOT-FOR-US: Apache Derby
CVE-2006-7216 (Apache Derby before 10.2.1.6 does not determine privilege
requirements ...)
- TODO: check
+ NOT-FOR-US: Apache Derby
CVE-2006-7215 (The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop
...)
- TODO: check
+ NOT-FOR-US: Intel processor
CVE-2005-4859 (mimicboard2 (Mimic2) 086 and earlier stores sensitive
information ...)
- TODO: check
+ NOT-FOR-US: mimicboard2
CVE-2005-4858 (Multiple cross-site scripting (XSS) vulnerabilities in
mimic2.cgi in ...)
- TODO: check
+ NOT-FOR-US: mimicboard2
CVE-2005-4857 (eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3,
and ...)
- ezpublish <not-affected> (Debian''s version is too old)
CVE-2005-4856 (The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before
3.6.5, ...)
@@ -1314,7 +1314,7 @@
CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit
and ...)
TODO: check
CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2)
password ...)
- TODO: check
+ NOT-FOR-US: Apache Derby
CVE-2004-2682 (PeerSec MatrixSSL before 1.1 does not implement RSA blinding,
which ...)
- matrixssl 1.1-1
CVE-2004-2681 (PeerSec MatrixSSL before 1.1 caches session keys for an
indefinitely ...)
@@ -13784,21 +13784,21 @@
CVE-2006-5279
RESERVED
CVE-2006-5278 (Integer overflow in the Real-Time Information Server (RIS) Data
...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-5277 (Off-by-one error in the Certificate Trust List (CTL) Provider
service ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-5276 (Stack-based buffer overflow in the DCE/RPC preprocessor in Snort
...)
- snort <not-affected> (snort versions 2.3.x do not contain the DCE RPC
preprocessor)
CVE-2006-5275
RESERVED
CVE-2006-5274 (Integer overflow in McAfee ePolicy Orchestrator 3.5 through
3.6.1, ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5273 (Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5
through ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5272 (Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5
through ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5271 (Integer underflow in McAfee ePolicy Orchestrator 3.5 through
3.6.1, ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2006-5270 (Integer overflow in the Microsoft Malware Protection Engine ...)
NOT-FOR-US: Microsoft
CVE-2006-5269
@@ -16275,7 +16275,7 @@
CVE-2006-4184 (SmartLine DeviceLock before 5.73 Build 305 does not properly
enforce ...)
NOT-FOR-US: SmartLine DeviceLock
CVE-2006-4183 (Heap-based buffer overflow in Microsoft DirectX SDK (February
2006) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions
...)
{DSA-1196-1}
- clamav 0.88.5-1 (high; bug #393445)