white at alioth.debian.org
2008-Jul-11 11:40 UTC
[Secure-testing-commits] r9305 - data/CVE
Author: white
Date: 2008-07-11 11:40:58 +0000 (Fri, 11 Jul 2008)
New Revision: 9305
Modified:
data/CVE/list
Log:
Some more NFUs
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-11 10:30:00 UTC (rev 9304)
+++ data/CVE/list 2008-07-11 11:40:58 UTC (rev 9305)
@@ -6980,9 +6980,9 @@
CVE-2008-0108 (Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6
File ...)
NOT-FOR-US: Microsoft Office
CVE-2008-0107 (Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4,
2005 SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft SQL Server
CVE-2008-0106 (Buffer overflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005
SP2, ...)
- TODO: check
+ NOT-FOR-US: Microsoft SQL Server
CVE-2008-0105 (Microsoft Works 6 File Converter, as used in Office 2003 SP2 and
SP3, ...)
NOT-FOR-US: Microsoft Office
CVE-2008-0104 (Unspecified vulnerability in Microsoft Office Publisher 2000,
2002, ...)
@@ -7042,9 +7042,9 @@
CVE-2008-0087 (The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server
2003 SP1 ...)
NOT-FOR-US: Microsoft Windows
CVE-2008-0086 (Buffer overflow in the convert function in Microsoft SQL Server
7.0 ...)
- TODO: check
+ NOT-FOR-US: Microsoft SQL Server
CVE-2008-0085 (Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data
...)
- TODO: check
+ NOT-FOR-US: Microsoft SQL Server
CVE-2008-0084 (Unspecified vulnerability in the TCP/IP support in Microsoft
Windows ...)
NOT-FOR-US: Windows
CVE-2008-0083 (The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll)
...)
@@ -15467,13 +15467,13 @@
CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through
...)
NOT-FOR-US: NetBSD
CVE-2007-3653 (Multiple cross-site scripting (XSS) vulnerabilities in Farsi
Script ...)
- TODO: check
+ NOT-FOR-US: Farsi Script
CVE-2007-3652 (SQL injection vulnerability in class/page.php in Farsi Script
(aka ...)
- TODO: check
+ NOT-FOR-US: Farsi Script
CVE-2007-3651 (class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Farsi Script
CVE-2007-3650 (myWebland myBloggie 2.1.6 allow remote attackers to obtain
sensitive ...)
- TODO: check
+ NOT-FOR-US: myWebland myBloggie
CVE-2007-3649 (Absolute path traversal vulnerability in a certain ActiveX
control in ...)
NOT-FOR-US: Hewlett-Packard (HP) Photo Digital Imaging ActiveX control
CVE-2007-3648 (SQL injection vulnerability in Webmatic before 2.6.2, and
possibly ...)
@@ -19644,7 +19644,7 @@
{DSA-1283-1 DTSA-39-1}
- php5 5.2.0-11 (low)
CVE-2007-1899 (Multiple SQL injection vulnerabilities in myWebland myBloggie
2.1.6 ...)
- TODO: check
+ NOT-FOR-US: myWebland myBloggie
CVE-2007-1898 (formmail.php in Jetbox CMS 2.1 allows remote attackers to send
...)
NOT-FOR-US: Jetbox CMS
CVE-2007-1897 (SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress
2.1.2, ...)
@@ -28486,9 +28486,9 @@
CVE-2006-5267
RESERVED
CVE-2006-5266 (Multiple buffer overflows in Microsoft Dynamics GP (formerly
Great ...)
- TODO: check
+ NOT-FOR-US: Microsoft issue
CVE-2006-5265 (Unspecified vulnerability in Microsoft Dynamics GP (formerly
Great ...)
- TODO: check
+ NOT-FOR-US: Microsoft issue
CVE-2006-5264 (Cross-site scripting (XSS) vulnerability in sql.php in
MysqlDumper ...)
NOT-FOR-US: MysqlDumper
CVE-2006-5263 (Directory traversal vulnerability in templates/header.php3 in
...)