thr3ads.net - Secure testing commits - [Secure-testing-commits] r18864

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2012-Apr-07 12:54 UTC

[Secure-testing-commits] r18864 - data/CVE

Author: jmm
Date: 2012-04-07 12:54:50 +0000 (Sat, 07 Apr 2012)
New Revision: 18864

Modified:
   data/CVE/list
Log:
new inspircd issue
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-04-07 09:59:30 UTC (rev 18863)
+++ data/CVE/list	2012-04-07 12:54:50 UTC (rev 18864)
@@ -309,11 +309,11 @@
 CVE-2012-2056
 	RESERVED
 CVE-2008-7311 (The session cookie store implementation in Spree 0.2.0 uses a
...)
-	TODO: check
+	NOT-FOR-US: Spree
 CVE-2008-7310 (Spree 0.2.0 does not properly restrict the use of a hash to
provide ...)
-	TODO: check
+	NOT-FOR-US: Spree
 CVE-2008-7309 (Insoshi before 20080920 does not properly restrict the use of a
hash ...)
-	TODO: check
+	NOT-FOR-US: Insoshi
 CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict the
use ...)
 	NOT-FOR-US: GitHub Enterprise
 CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a
hash to ...)
@@ -770,7 +770,7 @@
 CVE-2012-1837 (The (1) webreports, (2) post/create-role, and (3)
post/update-role ...)
 	NOT-FOR-US: Tivoli
 CVE-2012-1836 (Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might
allow ...)
-	TODO: check
+	- inspircd <unfixed>
 CVE-2012-1835
 	RESERVED
 CVE-2012-1834
@@ -1839,11 +1839,11 @@
 CVE-2012-1338
 	RESERVED
 CVE-2012-1337 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player
T27 L ...)
-	TODO: check
+	NOT-FOR-US: Cisco WebEx
 CVE-2012-1336 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player
T27 L ...)
-	TODO: check
+	NOT-FOR-US: Cisco WebEx
 CVE-2012-1335 (Buffer overflow in the Cisco WebEx Recording Format (WRF) player
T27 L ...)
-	TODO: check
+	NOT-FOR-US: Cisco WebEx
 CVE-2012-1334
 	RESERVED
 CVE-2012-1333
@@ -2486,7 +2486,7 @@
 	{DSA-2443-1}
 	- linux-2.6 3.2.10-1
 CVE-2012-1089 (Directory traversal vulnerability in Apache Wicket 1.4.x before
1.4.20 ...)
-	TODO: check
+	NOT-FOR-US: Apache Wicket
 CVE-2012-1088
 	RESERVED
 CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data
records to ...)
@@ -3183,7 +3183,6 @@
 CVE-2012-0810
 	RESERVED
 	- linux-2.6 <unfixed>
-	TODO: check
 CVE-2012-0809 (Format string vulnerability in the sudo_debug function in Sudo
1.8.0 ...)
 	- sudo 1.8.3p2-1 (bug #657985)
 	[squeeze] - sudo <not-affected> (Vulnerable code not present)

Secure testing commits - Apr 2012 - r18864 - data/CVE

[Secure-testing-commits] r18864 - data/CVE