Author: jmw
Date: 2011-01-12 22:17:10 +0000 (Wed, 12 Jan 2011)
New Revision: 15837
Modified:
data/CVE/list
Log:
NFUs
Mark Piwik issues with ITP bug #560933
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-01-12 22:02:45 UTC (rev 15836)
+++ data/CVE/list 2011-01-12 22:17:10 UTC (rev 15837)
@@ -1,5 +1,5 @@
CVE-2011-0423 (The PolyVision RoomWizard with firmware 3.2.3 has a default
password ...)
- TODO: check
+ NOT-FOR-US: PolyVision RoomWizard
CVE-2011-0422
RESERVED
CVE-2011-0421
@@ -33,25 +33,25 @@
CVE-2011-0407 (SQL injection vulnerability in the store function in ...)
TODO: check
CVE-2011-0406 (Heap-based buffer overflow in HistorySvr.exe in WellinTech
KingView ...)
- TODO: check
+ NOT-FOR-US: WellinTech KingView
CVE-2011-0405 (Directory traversal vulnerability in module.php in PhpGedView
4.2.3 ...)
TODO: check
CVE-2011-0404 (Stack-based buffer overflow in NetSupport Manager Agent for
Linux ...)
TODO: check
CVE-2011-0403 (Untrusted search path vulnerability in ImgBurn.exe in [VENDOR]
ImgBurn ...)
- TODO: check
+ NOT-FOR-US: ImgBurn
CVE-2011-0402 (dpkg-source in dpkg before 1.14.31 and 1.15.x allows
user-assisted ...)
TODO: check
CVE-2011-0401 (Piwik before 1.1 does not properly limit the number of files
stored ...)
- TODO: check
+ - piwik <itp> (bug #506933)
CVE-2011-0400 (Cookie.php in Piwik before 1.1 does not set the secure flag for
the ...)
- TODO: check
+ - piwik <itp> (bug #506933)
CVE-2011-0399 (Piwik before 1.1 does not prevent the rendering of the login
form ...)
- TODO: check
+ - piwik <itp> (bug #506933)
CVE-2011-0398 (The Piwik_Common::getIP function in Piwik before 1.1 does not
properly ...)
- TODO: check
+ - piwik <itp> (bug #506933)
CVE-2010-4693 (Multiple cross-site scripting (XSS) vulnerabilities in
Coppermine ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery
CVE-2011-0397
RESERVED
CVE-2011-0396
@@ -213,11 +213,11 @@
CVE-2011-0317
RESERVED
CVE-2011-0316 (The Administrative Console component in IBM WebSphere
Application ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-0315 (Cross-site scripting (XSS) vulnerability in the Servlet Engine
/ Web ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere Application Server
CVE-2011-0314 (Heap-based buffer overflow in IBM WebSphere MQ 6.0 before
6.0.2.11 and ...)
- TODO: check
+ NOT-FOR-US: IBM WebSphere MQ
CVE-2011-0313
RESERVED
CVE-2011-0312
@@ -1171,9 +1171,9 @@
CVE-2011-0028
RESERVED
CVE-2011-0027 (Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Data Access Components
CVE-2011-0026 (Buffer overflow in an ODBC API in Microsoft Data Access
Components ...)
- TODO: check
+ NOT-FOR-US: Microsoft Data Access Components
CVE-2010-XXXX [ircd-ratbox password disclosure?]
- ircd-ratbox 3.0.6.dfsg-2
TODO: check
@@ -1352,9 +1352,9 @@
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
CVE-2011-0005 (Cross-site scripting (XSS) vulnerability in the com_search
module for ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2011-0004 (Multiple cross-site scripting (XSS) vulnerabilities in Piwik
before ...)
- TODO: check
+ - piwik <itp> (bug #506933)
CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is
...)
{DTSA-207-1}
- mediawiki <unfixed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
