kees at alioth.debian.org
2008-Nov-11 17:24 UTC
[Secure-testing-commits] r10365 - data/CVE
Author: kees Date: 2008-11-11 17:24:22 +0000 (Tue, 11 Nov 2008) New Revision: 10365 Modified: data/CVE/list Log: NFUs: 20 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-11 12:41:29 UTC (rev 10364) +++ data/CVE/list 2008-11-11 17:24:22 UTC (rev 10365) @@ -1,3 +1,11 @@ +CVE-2008-5035 + NOT-FOR-US: IBM Hardware Management Console +CVE-2008-5026 + NOT-FOR-US: Microsoft +CVE-2008-5011 + NOT-FOR-US: IBM Lotus Quickr +CVE-2008-5009 + NOT-FOR-US: Sun Solstice X.25 CVE-2008-5025 [kernel: one more hfsplus issue] - linux-2.6 <unfixed> - linux-2.6.24 <unfixed> 
@@ -13,23 +21,23 @@ CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...) TODO: check CVE-2008-5004 (SQL injection vulnerability in genscode.php in myWebland Bloggie Lite ...) - TODO: check + NOT-FOR-US: myWebland Bloggie Lite CVE-2008-5003 (SQL injection vulnerability in ndetail.php in Shahrood allows remote ...) - TODO: check + NOT-FOR-US: Shahrood CVE-2008-5002 (Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ...) - TODO: check + NOT-FOR-US: ActiveX CVE-2008-5001 (Multiple stack-based buffer overflows in multiple functions in ...) TODO: check CVE-2008-5000 (SQL injection vulnerability in admin/includes/news.inc.php in PHPX ...) - TODO: check + NOT-FOR-US: PHPX CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ...) - TODO: check + NOT-FOR-US: Nortel Networks UNIStim IP Phone CVE-2008-4997 (** DISPUTED ** ...) - datafreedom-perl <unfixed> (unimportant; bug #496429) CVE-2008-4996 (** DISPUTED ** ...) - initramfs-tools <unfixed> (unimportant; bug #496386) CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and ...) - TODO: check + NOT-FOR-US: Sun System Firmware CVE-2008-XXXX [ClamAV get_unicode_name() off-by-one buffer overflow] - clamav <unfixed> (bug #505134) CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...) @@ -124,7 +132,7 @@ CVE-2008-4911 (PHP remote file inclusion vulnerability in read.php in Chattaitaliano ...) NOT-FOR-US: Chattaitaliano Istant-Replay CVE-2008-4910 (The BasicService in Sun Java Web Start allows remote attackers to ...) - TODO: check + NOT-FOR-US: Sun Java Web Start CVE-2008-4909 (Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and ...) NOT-FOR-US: CompactCMS CVE-2008-4908 (maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local ...) 
@@ -317,7 +325,7 @@ CVE-2008-4832 RESERVED CVE-2008-4831 (Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ...) - TODO: check + NOT-FOR-US: Adobe ColdFusion CVE-2008-4830 RESERVED CVE-2008-4829 @@ -339,7 +347,7 @@ CVE-2008-4821 (Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is ...) TODO: check CVE-2008-4820 (Unspecified vulnerability in the Flash Player ActiveX control in Adobe ...) - TODO: check + NOT-FOR-US: Flash Player ActiveX control CVE-2008-4819 (Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier ...) TODO: check CVE-2008-4818 (Cross-site scripting (XSS) vulnerability in Adobe Flash Player ...) @@ -347,7 +355,7 @@ CVE-2008-4817 (The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 ...) TODO: check CVE-2008-4816 (Unspecified vulnerability in the Download Manager in Adobe Reader ...) - TODO: check + NOT-FOR-US: Adobe Reader on Windows CVE-2008-4815 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 ...) TODO: check CVE-2008-4814 (Unspecified vulnerability in a JavaScript method in Adobe Reader and ...) @@ -355,7 +363,7 @@ CVE-2008-4813 (Adobe Reader and Acrobat 8.1.2 and earlier allow remote attackers to ...) TODO: check CVE-2008-4812 (Array index error in Adobe Reader and Acrobat, and the Explorer ...) - TODO: check + NOT-FOR-US: Adobe Reader Explorer extension CVE-2008-4811 (The _expand_quoted_text function in libs/Smarty_Compiler.class.php in ...) - smarty <unfixed> (bug #504328) - moodle 1.8.2-2 (bug #504345) @@ -1253,7 +1261,7 @@ CVE-2008-4415 RESERVED CVE-2008-4414 (Unspecified vulnerability in the AdvFS showfile command in HP Tru64 ...) - TODO: check + NOT-FOR-US: HP Tru64 UNIX CVE-2008-4413 (Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 ...) NOT-FOR-US: HP System Management Homepage CVE-2008-4412 (Unspecified vulnerability in HP Systems Insight Manager (SIM) before ...) 
@@ -1355,7 +1363,7 @@ CVE-2008-4388 RESERVED CVE-2008-4387 - RESERVED + NOT-FOR-US: ActiveX CVE-2008-4386 RESERVED CVE-2008-4385 (Husdawg, LLC Systems Requirements Lab 3 allows remote attackers to ...) @@ -1609,7 +1617,7 @@ CVE-2008-4282 RESERVED CVE-2008-4281 (Directory traversal vulnerability in VMWare ESXi 3.5 before ...) - TODO: check + NOT-FOR-US: VMWare ESXi CVE-2008-4280 RESERVED CVE-2008-4279 (The CPU hardware emulation for 64-bit guest operating systems in ...) @@ -2602,9 +2610,9 @@ CVE-2008-3869 RESERVED CVE-2008-3868 (Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 ...) - TODO: check + NOT-FOR-US: Interact CVE-2008-3867 (SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 ...) - TODO: check + NOT-FOR-US: Interact CVE-2008-3866 RESERVED CVE-2008-3865
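Review bot: In the first hunk (@@ -1,3 +1,11 @@), the tag added for CVE-2008-5026, `NOT-FOR-US: Microsoft`, names only a vendor, and because the new entry carries no description line that tag is the only thing identifying the issue. Name the affected product, as the neighbouring additions do (`IBM Lotus Quickr`, `Sun Solstice X.25`). The same hunk also places CVE-2008-5011 and CVE-2008-5009 above CVE-2008-5025, which breaks the descending order visible in the rest of the list.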
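Review bot: In the @@ -13,23 +21,23 @@ hunk, CVE-2008-5002 is tagged `NOT-FOR-US: ActiveX`, which names a technology rather than a product. The description line already points at the ChilkatCrypt2.ChilkatCrypt2.1 component, so the tag should name that component, in line with `NOT-FOR-US: PHPX` and `NOT-FOR-US: Shahrood` in the same hunk.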
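Review bot: In the @@ -1355,7 +1363,7 @@ hunk, CVE-2008-4387 goes from `RESERVED` straight to `NOT-FOR-US: ActiveX` with no description line, so nothing in the entry records which product was triaged or why it is out of scope. Name the product in the tag, or leave the entry as `RESERVED` until a description is available to justify the classification.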